File-Handling: sanitize filenames.

[citadel.git] / citadel / file_ops.c

diff --git a/citadel/file_ops.c b/citadel/file_ops.c
index 75670266b73d9a5aec9382d4ab9f18de5840b43c..5547c005e0a374c20df9be7a32753111a88c0282 100644 (file)
--- a/citadel/file_ops.c
+++ b/citadel/file_ops.c
@@ -37,11 +37,6 @@
 #include "msgbase.h"
 #include "citserver.h"
 #include "threads.h"
-
-#ifndef HAVE_SNPRINTF
-#include "snprintf.h"
-#endif
-
 #include "ctdl_module.h"
 #include "user_ops.h"
 
@@ -208,6 +203,12 @@ void cmd_open(char *cmdbuf)
                        ERROR + FILE_NOT_FOUND);
                return;
        }
+       if (strstr(filename, "../") != NULL)
+       {
+               cprintf("%d syntax error.\n",
+                       ERROR + ILLEGAL_VALUE);
+               return;
+       }
 
        if (CC->download_fp != NULL) {
                cprintf("%d You already have a download file open.\n",
@@ -289,6 +290,13 @@ void cmd_oimg(char *cmdbuf)
                                filename[a] = '_';
                        }
                }
+               if (strstr(filename, "../") != NULL)
+               {
+                       cprintf("%d syntax error.\n",
+                               ERROR + ILLEGAL_VALUE);
+                       return;
+               }
+
                snprintf(pathname, sizeof pathname,
                                 "%s/%s",
                                 ctdl_image_dir,
@@ -610,8 +618,13 @@ void cmd_read(char *cmdbuf)
        }
 
        rc = fseek(CC->download_fp, start_pos, 0);
-       if (rc != start_pos) {
+       if (rc < 0) {
                cprintf("%d your file is smaller then %ld.\n", ERROR + ILLEGAL_VALUE, start_pos);
+               syslog(LOG_ALERT, "your file %s is smaller then %ld. [%s]\n", 
+                      CC->upl_path, 
+                      start_pos,
+                      strerror(errno));
+
                return;
        }
        bytes = fread(buf, 1, bytes, CC->download_fp);