From 548375b2122f83771dc0b8571f16e5b5adabba98 Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Wed, 7 Sep 2016 10:04:31 +0200
Subject: [PATCH 07/59] Make filename filters smarter.
In the original version vsftpd was not able to prevent
users from downloading for instance /etc/passwd by
defining filters such as deny_file=/etc/passwd or /etc*
or passwd. Example of erroneous behavior:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> cd /
250 Directory successfully changed.
ftp> cd /etc
550 Permission denied.
ftp> cd etc
250 Directory successfully changed.
ftp> get passwd
local: passwd remote: passwd
227 Entering Passive Mode (127,0,0,1,99,251)
150 Opening BINARY mode data connection for passwd (2813 bytes).
226 File send OK.
2813 bytes received in 0.00016 seconds (1.7e+04 Kbytes/s)
ftp> quit
221 Goodbye.
---
ls.c | 24 +++++++++++++++++++++++-
str.c | 11 +++++++++++
str.h | 1 +
3 files changed, 35 insertions(+), 1 deletion(-)
diff --git a/ls.c b/ls.c
index 7e1376d..f489478 100644
--- a/ls.c
+++ b/ls.c
@@ -246,8 +246,30 @@ vsf_filename_passes_filter(const struct mystr* p_filename_str,
int ret = 0;
char last_token = 0;
int must_match_at_current_pos = 1;
+
+
str_copy(&filter_remain_str, p_filter_str);
- str_copy(&name_remain_str, p_filename_str);
+
+ if (!str_isempty (&filter_remain_str) && !str_isempty(p_filename_str)) {
+ if (str_get_char_at(p_filter_str, 0) == '/') {
+ if (str_get_char_at(p_filename_str, 0) != '/') {
+ str_getcwd (&name_remain_str);
+
+ if (str_getlen(&name_remain_str) > 1) /* cwd != root dir */
+ str_append_char (&name_remain_str, '/');
+
+ str_append_str (&name_remain_str, p_filename_str);
+ }
+ else
+ str_copy (&name_remain_str, p_filename_str);
+ } else {
+ if (str_get_char_at(p_filter_str, 0) != '{')
+ str_basename (&name_remain_str, p_filename_str);
+ else
+ str_copy (&name_remain_str, p_filename_str);
+ }
+ } else
+ str_copy(&name_remain_str, p_filename_str);
while (!str_isempty(&filter_remain_str) && *iters < VSFTP_MATCHITERS_MAX)
{
diff --git a/str.c b/str.c
index 6596204..ba4b92a 100644
--- a/str.c
+++ b/str.c
@@ -711,3 +711,14 @@ str_replace_unprintable(struct mystr* p_str, char new_char)
}
}
+void
+str_basename (struct mystr* d_str, const struct mystr* path)
+{
+ static struct mystr tmp;
+
+ str_copy (&tmp, path);
+ str_split_char_reverse(&tmp, d_str, '/');
+
+ if (str_isempty(d_str))
+ str_copy (d_str, path);
+}
diff --git a/str.h b/str.h
index ab0a9a4..3a21b50 100644
--- a/str.h
+++ b/str.h
@@ -100,6 +100,7 @@ void str_replace_unprintable(struct mystr* p_str, char new_char);
int str_atoi(const struct mystr* p_str);
filesize_t str_a_to_filesize_t(const struct mystr* p_str);
unsigned int str_octal_to_uint(const struct mystr* p_str);
+void str_basename (struct mystr* d_str, const struct mystr* path);
/* PURPOSE: Extract a line of text (delimited by \n or EOF) from a string
* buffer, starting at character position 'p_pos'. The extracted line will
--
2.14.4