author | fiaxh <git@lightrise.org> | 2021-06-07 09:56:25 -0600 |
---|---|---|
committer | fiaxh <git@lightrise.org> | 2021-06-07 09:56:25 -0600 |
commit | 0c8d25b7a3e7a10a506f1e19b868fe9b0c761495 (patch) | |
tree | 564045c662b82f8efe27528426b49722ada45843 /libdino/src | |
parent | 1ac16ecd8450084fade1401eec18c8663e48cdf6 (diff) | |
Fix file traversal issue on incoming file transfers
Fixes CVE-2021-33896
Diffstat (limited to 'libdino/src')
-rw-r--r-- | libdino/src/entity/file_transfer.vala | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/libdino/src/entity/file_transfer.vala b/libdino/src/entity/file_transfer.vala
index a8e386bf..1823478f 100644
--- a/libdino/src/entity/file_transfer.vala
+++ b/libdino/src/entity/file_transfer.vala
@@ -45,7 +45,18 @@ public class FileTransfer : Object {
 }
 }
- public string file_name { get; set; }
+ private string file_name_;
+ public string file_name {
+ get { return file_name_; }
+ set {
+ file_name_ = Path.get_basename(value);
+ if (file_name_ == Path.DIR_SEPARATOR_S || file_name_ == ".") {
+ file_name_ = "unknown filename";
+ } else if (file_name_.has_prefix(".")) {
+ file_name_ = "_" + file_name_;
+ }
+ }
+ }
 private string? server_file_name_ = null;
 public string server_file_name { get { return server_file_name_ ?? file_name; } |
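Review bot: The basename normalization in the new `file_name` setter only covers values assigned through that property; `server_file_name_` is written by its own setter, which lies past the visible end of this hunk, so if any caller derives an on-disk path from `server_file_name` instead of `file_name`, the traversal protection does not apply on that path. It is worth confirming that the download code always builds the local path from `file_name`, or applying the same normalization in the `server_file_name` setter. The setter also assumes `value` is non-null: `Path.get_basename` on a null string raises a GLib critical, and a GObject `string` property can still receive null when the object is restored from storage, so an explicit guard before the basename call, `if (value == null) { file_name_ = "unknown filename"; return; }`, would make that case deliberate rather than incidental. A short comment on the setter, `// Strip any directory component so a peer-supplied name cannot escape the download directory (CVE-2021-33896)`, would record why the plain auto-property was replaced. The enclosing class `FileTransfer` starts and ends outside the hunk.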