if (SMB_VFS_STAT(conn,name,&st) == 0) {
*pst = st;
}
- DEBUG(5,("conversion finished %s -> %s\n",orig_path, name));
+ DEBUG(5,("conversion finished \"\" -> %s\n",name));
return(True);
}
return NULL;
}
+ /*
+ * If widelinks are disallowed we need to canonicalise the
+ * connect path here to ensure we don't have any symlinks in
+ * the connectpath. We will be checking all paths on this
+ * connection are below this directory. We must do this after
+ * the VFS init as we depend on the realpath() pointer in the vfs table. JRA.
+ */
+ if (!lp_widelinks(snum)) {
+ pstring s;
+ pstrcpy(s,conn->connectpath);
+ canonicalize_path(conn, s);
+ string_set(&conn->connectpath,s);
+ }
+
/* ROOT Activities: */
/* check number of connections */
if (!claim_connection(conn,
return (path);
}
+BOOL canonicalize_path(connection_struct *conn, pstring path)
+{
+#ifdef REALPATH_TAKES_NULL
+ char *resolved_name = SMB_VFS_REALPATH(conn,path,NULL);
+ if (!resolved_name) {
+ return False;
+ }
+ pstrcpy(path, resolved_name);
+ SAFE_FREE(resolved_name);
+ return True;
+#else
+#ifdef PATH_MAX
+ char resolved_name_buf[PATH_MAX+1];
+#else
+ pstring resolved_name_buf;
+#endif
+ char *resolved_name = SMB_VFS_REALPATH(conn,path,resolved_name_buf);
+ if (!resolved_name) {
+ return False;
+ }
+ pstrcpy(path, resolved_name);
+ return True;
+#endif /* REALPATH_TAKES_NULL */
+}
+
/*******************************************************************
Reduce a file name, removing .. elements and checking that
it is below dir in the heirachy. This uses realpath.
}
if (strncmp(conn->connectpath, resolved_name, con_path_len) != 0) {
- DEBUG(2, ("reduce_name: Bad access attemt: %s is a symlink outside the share path", fname));
+ DEBUG(2, ("reduce_name: Bad access attempt: %s is a symlink outside the share path", fname));
if (free_resolved_name)
SAFE_FREE(resolved_name);
return False;
git.samba.org / tprouty / samba.git / commitdiff