author | Simon Rettberg | 2015-12-14 09:21:09 +0100 |
---|---|---|
committer | Simon Rettberg | 2015-12-14 09:21:09 +0100 |
commit | 08c1842379c6a11f3b52fafcfa3bc47748e3cde8 (patch) | |
tree | 5136ab51dfb0cfdb742824ec24aeb6e1152c0011 /src/server/image.c | |
parent | [SERVER] Support looking on disk if an unknown image is requested (diff) | |
[SERVER] Disallow images starting with "." now that we allow load-on-demand
This will prevent hidden files from being exported to clients and also
prevent directory traversal attacks ( ../../image.img )
Diffstat (limited to 'src/server/image.c')
-rw-r--r-- | src/server/image.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/server/image.c b/src/server/image.c
index b046af5..fb3f8ba 100644
--- a/src/server/image.c
+++ b/src/server/image.c
@@ -917,7 +917,8 @@ dnbd3_image_t* image_getOrLoad(char * const name, const uint16_t revision)
 	if ( !_isProxy && revision != 0 ) return image_get( name, revision, true );
 	const size_t len = strlen( name );
 	// Sanity check
-	if ( len == 0 || name[len - 1] == '/' || name[0] == '/' ) return NULL;
+	if ( len == 0 || name[len - 1] == '/' || name[0] == '/'
+			|| name[0] == '.' || strstr( name, "/." ) != NULL ) return NULL;
 	// Call specific function depending on whether this is a proxy or not
 	if ( _isProxy ) {
 		return loadImageProxy( name, revision, len );
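Review bot: The `// Sanity check` comment above the extended condition no longer says what is being enforced, and this is exactly the line a future maintainer will be tempted to relax; it should state the security intent so the `'.'` and `"/."` tests are not mistaken for cosmetic filtering. I would replace it with `// Reject empty names, absolute paths, trailing slashes, hidden files and any path component starting with "." (blocks ../ traversal)`. The combined `name[0] == '.'` and `strstr( name, "/." )` tests do cover every ".." component (a leading one hits the first test, any later one contains "/."), so the stated traversal goal is met for this string alone; whether `name` can still reach the filesystem through a later normalisation step is not visible in this hunk. image_getOrLoad's body continues past the end of the hunk.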