diff options
| author | Lennart Poettering <lennart@poettering.net> | 2015-04-30 19:44:10 +0200 |
|---|---|---|
| committer | Sven Eden <yamakuzure@gmx.net> | 2017-03-14 08:20:22 +0100 |
| commit | 3a296a5fe6c06deb497b09ab29b8363761b2885d (patch) | |
| tree | 4caabe3985c4ec64201a5b7be762aa97facc5c5d | |
| parent | 3d6374dfb8b85537dfa4284a9f0dd87497c63cf7 (diff) | |
util: be a bit safer in path_is_safe()
We should be more strict when verifying paths with path_is_safe() for
potentially dangerous constructs, and that includes lengths of
PATH_MAX-1 and larger. Be more accurate here.
| -rw-r--r-- | src/shared/util.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/shared/util.c b/src/shared/util.c index 693bb1d9a..f904d0325 100644 --- a/src/shared/util.c +++ b/src/shared/util.c @@ -3918,7 +3918,7 @@ bool path_is_safe(const char *p) { if (streq(p, "..") || startswith(p, "../") || endswith(p, "/..") || strstr(p, "/../")) return false; - if (strlen(p) > PATH_MAX) + if (strlen(p)+1 > PATH_MAX) return false; /* The following two checks are not really dangerous, but hey, they still are confusing */ |