author | Lennart Poettering <lennart@poettering.net> | 2015-10-26 18:59:36 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2015-10-27 13:25:55 +0100 |
commit | bb15fafe9cd815fe5bf9eae84c08aead2eb98fd7 (patch) | |
tree | 57955c8d8a47196e17d4a2d3963766ad59ef3735 /src/basic/path-util.c | |
parent | 4349cd7c1d153c4ffa23cf1cff1644e0afa9bcf0 (diff) |
util: move filename_is_valid() and path_is_safe() to path-util.[ch]
Diffstat (limited to 'src/basic/path-util.c')
-rw-r--r-- | src/basic/path-util.c | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/src/basic/path-util.c b/src/basic/path-util.c
index b1cab7356c..d581f85707 100644
--- a/src/basic/path-util.c
+++ b/src/basic/path-util.c
@@ -723,3 +723,46 @@ char* dirname_malloc(const char *path) {
 return dir2;
 }
+
+bool filename_is_valid(const char *p) {
+ const char *e;
+
+ if (isempty(p))
+ return false;
+
+ if (streq(p, "."))
+ return false;
+
+ if (streq(p, ".."))
+ return false;
+
+ e = strchrnul(p, '/');
+ if (*e != 0)
+ return false;
+
+ if (e - p > FILENAME_MAX)
+ return false;
+
+ return true;
+}
+
+bool path_is_safe(const char *p) {
+
+ if (isempty(p))
+ return false;
+
+ if (streq(p, "..") || startswith(p, "../") || endswith(p, "/..") || strstr(p, "/../"))
+ return false;
+
+ if (strlen(p)+1 > PATH_MAX)
+ return false;
+
+ /* The following two checks are not really dangerous, but hey, they still are confusing */
+ if (streq(p, ".") || startswith(p, "./") || endswith(p, "/.") || strstr(p, "/./"))
+ return false;
+
+ if (strstr(p, "//"))
+ return false;
+
+ return true;
+} |
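Review bot: The length check in `filename_is_valid()` compares against `FILENAME_MAX`, which on glibc is the stdio path-length constant (4096) rather than the per-component limit, so names of 256 to 4096 bytes are reported valid although Linux filesystems generally cap a single component at `NAME_MAX` (255). Since the function is being moved anyway, consider `if (e - p > NAME_MAX)` with a short comment that `NAME_MAX` does not count the trailing NUL. Separately, `path_is_safe()` would benefit from a header comment stating that the check is purely lexical: it rejects `..`, `.` and empty components and over-long strings, but it accepts absolute paths and knows nothing about symlinks. Callers that need a path confined below a particular directory have to enforce that themselves, and the name alone may suggest otherwise.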