[PATCH 08/18] insert: check folder name

2012-07-25 Thread Peter Wang
Don't accept folder names containing a ".." component,
to prevent writing outside of the maildir.
---
 notmuch-insert.c |   20 
 1 files changed, 20 insertions(+), 0 deletions(-)

diff --git a/notmuch-insert.c b/notmuch-insert.c
index 6398618..ee51a87 100644
--- a/notmuch-insert.c
+++ b/notmuch-insert.c
@@ -25,6 +25,22 @@
 #include 

 static notmuch_bool_t
+check_folder_name (const char *folder)
+{
+const char *p = folder;
+
+/* Check ".." appears nowhere in the folder name. */
+for (;;) {
+   if ((p[0] == '.') && (p[1] == '.') && (p[2] == '\0' || p[2] == '/'))
+   return FALSE;
+   p = strchr (p, '/');
+   if (!p)
+   return TRUE;
+   p++;
+}
+}
+
+static notmuch_bool_t
 safe_gethostname (char *hostname, size_t hostname_size)
 {
 if (gethostname (hostname, hostname_size) == -1) {
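Review bot: The comment in check_folder_name says ".." appears nowhere in the folder name, but the loop only tests the start of each '/'-separated component, so a name such as `a..b` is accepted. That behaviour is correct and the comment should match it, e.g. `/* Reject any path component that is exactly "..". */`. The function also lacks a header comment stating its contract: it assumes a non-NULL string (the caller in the second hunk guards this), and the check is purely lexical, so it presumably does not cover a symlink that already exists below the maildir. The same hunk is repeated further down this page.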
@@ -232,6 +248,10 @@ notmuch_insert_command (void *ctx, int argc, char *argv[])
 db_path = notmuch_config_get_database_path (config);

 if (folder != NULL) {
+   if (! check_folder_name (folder)) {
+   fprintf (stderr, "Error: bad folder name: %s\n", folder);
+   return 1;
+   }
maildir = talloc_asprintf (ctx, "%s/%s", db_path, folder);
 } else {
maildir = talloc_asprintf (ctx, "%s", db_path);
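Review bot: The diagnostic `Error: bad folder name: %s` does not tell the user which rule was violated. Since the only thing check_folder_name rejects is a `..` component, a message such as `fprintf (stderr, "Error: folder name must not contain \"..\": %s\n", folder);` would be more actionable. notmuch_insert_command starts and ends outside this hunk, so whether the early `return 1` skips any cleanup cannot be judged from here. The same hunk appears again later on the page.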
-- 
1.7.4.4



[PATCH 08/18] insert: check folder name

2012-07-25 Thread Peter Wang
Don't accept folder names containing a ".." component,
to prevent writing outside of the maildir.
---
 notmuch-insert.c |   20 
 1 files changed, 20 insertions(+), 0 deletions(-)

diff --git a/notmuch-insert.c b/notmuch-insert.c
index 6398618..ee51a87 100644
--- a/notmuch-insert.c
+++ b/notmuch-insert.c
@@ -25,6 +25,22 @@
 #include 
 
 static notmuch_bool_t
+check_folder_name (const char *folder)
+{
+const char *p = folder;
+
+/* Check ".." appears nowhere in the folder name. */
+for (;;) {
+   if ((p[0] == '.') && (p[1] == '.') && (p[2] == '\0' || p[2] == '/'))
+   return FALSE;
+   p = strchr (p, '/');
+   if (!p)
+   return TRUE;
+   p++;
+}
+}
+
+static notmuch_bool_t
 safe_gethostname (char *hostname, size_t hostname_size)
 {
 if (gethostname (hostname, hostname_size) == -1) {
@@ -232,6 +248,10 @@ notmuch_insert_command (void *ctx, int argc, char *argv[])
 db_path = notmuch_config_get_database_path (config);
 
 if (folder != NULL) {
+   if (! check_folder_name (folder)) {
+   fprintf (stderr, "Error: bad folder name: %s\n", folder);
+   return 1;
+   }
maildir = talloc_asprintf (ctx, "%s/%s", db_path, folder);
 } else {
maildir = talloc_asprintf (ctx, "%s", db_path);
-- 
1.7.4.4
