Fixed bug in verifyPath() that was breaking PHYSFS_setSaneConfig() and other

corner cases.
This commit is contained in:
Ryan C. Gordon 2005-08-20 04:46:25 +00:00
parent 7b4181684e
commit bbb0cab5ee
2 changed files with 9 additions and 6 deletions

View File

@ -2,6 +2,8 @@
* CHANGELOG. * CHANGELOG.
*/ */
08202005 - Fixed bug in verifyPath() that was breaking PHYSFS_setSaneConfig()
and other corner cases.
07242005 - Patched to compile on BeOS. 07242005 - Patched to compile on BeOS.
07232005 - Fixed bug in zip archiver (thanks, Jörg Walter!). 07232005 - Fixed bug in zip archiver (thanks, Jörg Walter!).
More minor OS/2 tweaks. Updated zlib to 1.2.3, which properly More minor OS/2 tweaks. Updated zlib to 1.2.3, which properly

View File

@ -1107,7 +1107,7 @@ int PHYSFS_setSaneConfig(const char *organization, const char *appName,
BAIL_IF_MACRO(!initialized, ERR_NOT_INITIALIZED, 0); BAIL_IF_MACRO(!initialized, ERR_NOT_INITIALIZED, 0);
/* set write dir... */ /* set write dir... */
str = (char *) allocator.Malloc( str = (char *) allocator.Malloc(
strlen(userdir) + (strlen(organization) * 2) + strlen(userdir) + (strlen(organization) * 2) +
(strlen(appName) * 2) + (strlen(dirsep) * 3) + 2); (strlen(appName) * 2) + (strlen(dirsep) * 3) + 2);
@ -1325,12 +1325,14 @@ static int verifyPath(DirHandle *h, char **_fname, int allowMissing)
{ {
while (1) while (1)
{ {
int rc = 0;
end = strchr(start, '/'); end = strchr(start, '/');
if (end != NULL)
*end = '\0';
if (h->funcs->isSymLink(h->opaque, fname, &retval)) if (end != NULL) *end = '\0';
BAIL_MACRO(ERR_SYMLINK_DISALLOWED, 0); /* insecure. */ rc = h->funcs->isSymLink(h->opaque, fname, &retval);
if (end != NULL) *end = '/';
BAIL_IF_MACRO(rc, ERR_SYMLINK_DISALLOWED, 0); /* insecure. */
/* break out early if path element is missing. */ /* break out early if path element is missing. */
if (!retval) if (!retval)
@ -1348,7 +1350,6 @@ static int verifyPath(DirHandle *h, char **_fname, int allowMissing)
if (end == NULL) if (end == NULL)
break; break;
*end = '/';
start = end + 1; start = end + 1;
} /* while */ } /* while */
} /* if */ } /* if */