authorLennart Poettering <lennart@poettering.net>2015-04-30 19:44:10 +0200
committerLennart Poettering <lennart@poettering.net>2015-05-05 15:06:35 -0700
commit6442185ab674cc202d63c18605057b9a51ca2722 (patch)
tree9e56d923c27c9016fd8e9e33e6b1a9b748529024
parente66e5b612a9e5921d79a6aedab4983e33dff8cb1 (diff)
util: be a bit safer in path_is_safe()
We should be more strict when verifying paths with path_is_safe() for potentially dangerous constructs, and that includes lengths of PATH_MAX-1 and larger. Be more accurate here.
-rw-r--r--src/shared/util.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/shared/util.c b/src/shared/util.c
index 2c7254eeda..d9bd34b3b6 100644
--- a/src/shared/util.c
+++ b/src/shared/util.c
@@ -3917,7 +3917,7 @@ bool path_is_safe(const char *p) {
if (streq(p, "..") || startswith(p, "../") || endswith(p, "/..") || strstr(p, "/../"))
return false;
- if (strlen(p) > PATH_MAX)
+ if (strlen(p)+1 > PATH_MAX)
return false;
/* The following two checks are not really dangerous, but hey, they still are confusing */
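Review bot: The `+1` in `strlen(p)+1 > PATH_MAX` is not explained where it is used, and the boundary is easy to misread: a string of exactly PATH_MAX-1 bytes still passes, while one of PATH_MAX bytes is now rejected. A one-line comment above the check would pin the intent down, e.g. `/* PATH_MAX counts the trailing NUL, so refuse anything that would not fit into a PATH_MAX-sized buffer */`. Writing the condition as `strlen(p) >= PATH_MAX` would express the same test without the arithmetic. The check bounds only the length of `p` itself, so a caller that appends `p` to a prefix presumably still needs its own length check on the combined path. The body of path_is_safe() starts and continues outside this hunk.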