[gnurl] 05/282: tool_dirhie: Allow directory traversal during creation
From: gnunet
Subject: [gnurl] 05/282: tool_dirhie: Allow directory traversal during creation
Date: Wed, 01 Apr 2020 14:27:50 +0200
This is an automated email from the git hooks/post-receive script.
ng0 pushed a commit to branch master
in repository gnurl.
commit 4027bd72d9f0add0135e08cc7e1860cc1385f21f
Author: Jay Satiro <address@hidden>
AuthorDate: Tue Jan 7 19:44:51 2020 -0500
tool_dirhie: Allow directory traversal during creation
- When creating a directory hierarchy do not error when mkdir fails due
to error EACCES (13) "access denied".
Some file systems allow for directory traversal; in this case it
should be possible to create child directories when permission to the
parent directory is restricted.
This is a regression caused by me in f16bed0 (precedes curl-7_61_1).
Basically I had assumed that if a directory already existed it would
fail only with error EEXIST, and not error EACCES. The latter may
happen if the directory exists but has certain restricted permissions.
Reported-by: address@hidden
Fixes https://github.com/curl/curl/issues/4796
Closes https://github.com/curl/curl/pull/4797
---
src/tool_dirhie.c | 19 +++++++++++++++++--
1 file changed, 17 insertions(+), 2 deletions(-)
diff --git a/src/tool_dirhie.c b/src/tool_dirhie.c
index 06b3c03e8..a55503995 100644
--- a/src/tool_dirhie.c
+++ b/src/tool_dirhie.c
@@ -125,6 +125,7 @@ CURLcode create_dir_hierarchy(const char *outfile, FILE
*errors)
tempdir = strtok(outdup, PATH_DELIMITERS);
while(tempdir != NULL) {
+ bool skip = false;
tempdir2 = strtok(NULL, PATH_DELIMITERS);
/* since strtok returns a token for the last word even
if not ending with DIR_CHAR, we need to prune it */
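Review bot: `bool skip = false;` is declared in the loop body for every build, but nothing at the declaration says what is skipped, and its only assignment sits inside the `#if defined(MSDOS) || defined(WIN32)` block of the next hunk. A one-line comment at the declaration, stating that it suppresses the mkdir call for the current path component, would let a reader follow the loop without jumping ahead.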
@@ -133,13 +134,27 @@ CURLcode create_dir_hierarchy(const char *outfile, FILE
*errors)
if(dlen)
msnprintf(&dirbuildup[dlen], outlen - dlen, "%s%s", DIR_CHAR, tempdir);
else {
- if(outdup == tempdir)
+ if(outdup == tempdir) {
+#if defined(MSDOS) || defined(WIN32)
+ /* Skip creating a drive's current directory.
+ It may seem as though that would harmlessly fail but it could be
+ a corner case if X: did not exist, since we would be creating it
+ erroneously.
+ eg if outfile is X:\foo\bar\filename then don't mkdir X:
+ This logic takes into account unsupported drives !:, 1:, etc. */
+ char *p = strchr(tempdir, ':');
+ if(p && !p[1])
+ skip = true;
+#endif
/* the output string doesn't start with a separator */
strcpy(dirbuildup, tempdir);
+ }
else
msnprintf(dirbuildup, outlen, "%s%s", DIR_CHAR, tempdir);
}
- if((-1 == mkdir(dirbuildup, (mode_t)0000750)) && (errno != EEXIST)) {
+ /* Create directory. Ignore access denied error to allow traversal. */
+ if(!skip && (-1 == mkdir(dirbuildup, (mode_t)0000750)) &&
+ (errno != EACCES) && (errno != EEXIST)) {
show_dir_errno(errors, dirbuildup);
result = CURLE_WRITE_ERROR;
break; /* get out of loop */
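Review bot: the new test `(errno != EACCES) && (errno != EEXIST)` exempts EACCES for every path component, including the last directory, so a directory that does not exist and cannot be created is no longer reported here through show_dir_errno; the loop simply continues and the failure is left to whatever uses the path afterwards. The comment "Ignore access denied error to allow traversal" should state that consequence, and it is worth considering whether the exemption can be limited to intermediate components or followed by a check that the final directory exists. Separately, in the WIN32 block, `strchr(tempdir, ':')` with `!p[1]` matches any first token whose first colon is its last character, not only a single drive letter; the comment mentions `!:` and `1:`, so please say explicitly that longer prefixes are skipped on purpose as well.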