authorfiaxh <git@lightrise.org>2021-06-07 09:56:25 -0600
committerfiaxh <git@lightrise.org>2021-06-07 09:56:25 -0600
commit0c8d25b7a3e7a10a506f1e19b868fe9b0c761495 (patch)
tree564045c662b82f8efe27528426b49722ada45843
parent1ac16ecd8450084fade1401eec18c8663e48cdf6 (diff)
downloaddino-0c8d25b7a3e7a10a506f1e19b868fe9b0c761495.tar.gz
dino-0c8d25b7a3e7a10a506f1e19b868fe9b0c761495.zip
Fix file traversal issue on incoming file transfers
Fixes CVE-2021-33896
-rw-r--r--libdino/src/entity/file_transfer.vala13
1 files changed, 12 insertions, 1 deletions
diff --git a/libdino/src/entity/file_transfer.vala b/libdino/src/entity/file_transfer.vala
index a8e386bf..1823478f 100644
--- a/libdino/src/entity/file_transfer.vala
+++ b/libdino/src/entity/file_transfer.vala
@@ -45,7 +45,18 @@ public class FileTransfer : Object {
}
}
- public string file_name { get; set; }
+ private string file_name_;
+ public string file_name {
+ get { return file_name_; }
+ set {
+ file_name_ = Path.get_basename(value);
+ if (file_name_ == Path.DIR_SEPARATOR_S || file_name_ == ".") {
+ file_name_ = "unknown filename";
+ } else if (file_name_.has_prefix(".")) {
+ file_name_ = "_" + file_name_;
+ }
+ }
+ }
private string? server_file_name_ = null;
public string server_file_name {
get { return server_file_name_ ?? file_name; }