Attachment #59339 for bug #93079

View | Details | Raw Unified | Return to bug 93079
Collapse All | Expand All




	return 1;
}

#define IS_SEP(c) (c == '/' || c == ':' || c == '\\')
void scrub_name(char *smee)
{
	char *paths[] = { "../", "..\\", "..:", NULL};
	size_t p, i, len;
	char scrubit, scrubbed;

	scrubbed = 0;
	len = strlen(smee);
	i = 0;
	scrubit = 1;

	/* search the path and scrub out all relative paths */
	while (i + 3 < len) {
		for (p = 0; paths[p]; ++p) {
			if (scrubit && !strncmp(paths[p], smee+i, 3)) {
				scrubbed = 1;
				memset(smee+i, '\0', 3);
				i += 2;
				break;
			}
		}
		scrubit = IS_SEP(smee[i]) || smee[i] == '\0';
		++i;
	}

	if (!scrubbed)
		return;

	/* condense the string over all the scrubbed bits */
	p = 0;
	for (i = 0; i < len; ++i) {
		while (p < len && smee[p] == '\0')
			++p;
		if (p == len) {
			smee[i] = '\0';
			break;
		}
		smee[i] = smee[p++];
	}
}

int dzReadDirectoryEntry (direntry_t *de)
{
	char *s;

	s = Dzip_malloc(de->len);
	dzFile_Read(s, de->len);
	de->name = s;
	scrub_name(de->name);
	if (de->pak && de->type != TYPE_PAK)
		return 1;	/* dont mess with dirchar inside pakfiles */
	do

		e = in++;

	return e;
}

Lines 201-206 void demv1_dxentities(void) Link Here

(-)work.orig/v1code.c (+2 lines)
201		201
202	}	202	}
203		203
		204	extern void scrub_name(char *smee);
204	void dzUncompressV1 (int testing)	205	void dzUncompressV1 (int testing)
205	{	206	{
206	int i, inlen = 0;	207	int i, inlen = 0;
Lines 221-226 void dzUncompressV1 (int testing) Link Here
221	{	222	{
222	de = directory + i;	223	de = directory + i;
223	crcval = INITCRC;	224	crcval = INITCRC;
		225	scrub_name(de->name);
224	printf("%s %s",action,de->name);	226	printf("%s %s",action,de->name);
225	fflush(stdout);	227	fflush(stdout);
226		228

Return to bug 93079

Lines 77-82 int dzRead (int inlen) Link Here

(-)work.orig/main.c (-1 / +44 lines)
77	return 1;	77	return 1;
78	}	78	}
79		79
		80	#define IS_SEP(c) (c == '/' \|\| c == ':' \|\| c == '\\')
		81	void scrub_name(char *smee)
		82	{
		83	char *paths[] = { "../", "..\\", "..:", NULL};
		84	size_t p, i, len;
		85	char scrubit, scrubbed;
		86
		87	scrubbed = 0;
		88	len = strlen(smee);
		89	i = 0;
		90	scrubit = 1;
		91
		92	/* search the path and scrub out all relative paths */
		93	while (i + 3 < len) {
		94	for (p = 0; paths[p]; ++p) {
		95	if (scrubit && !strncmp(paths[p], smee+i, 3)) {
		96	scrubbed = 1;
		97	memset(smee+i, '\0', 3);
		98	i += 2;
		99	break;
		100	}
		101	}
		102	scrubit = IS_SEP(smee[i]) \|\| smee[i] == '\0';
		103	++i;
		104	}
		105
		106	if (!scrubbed)
		107	return;
		108
		109	/* condense the string over all the scrubbed bits */
		110	p = 0;
		111	for (i = 0; i < len; ++i) {
		112	while (p < len && smee[p] == '\0')
		113	++p;
		114	if (p == len) {
		115	smee[i] = '\0';
		116	break;
		117	}
		118	smee[i] = smee[p++];
		119	}
		120	}
		121
80	int dzReadDirectoryEntry (direntry_t *de)	122	int dzReadDirectoryEntry (direntry_t *de)
81	{	123	{
82	char *s;	124	char *s;
Lines 102-107 int dzReadDirectoryEntry (direntry_t *de Link Here
102	s = Dzip_malloc(de->len);	144	s = Dzip_malloc(de->len);
103	dzFile_Read(s, de->len);	145	dzFile_Read(s, de->len);
104	de->name = s;	146	de->name = s;
		147	scrub_name(de->name);
105	if (de->pak && de->type != TYPE_PAK)	148	if (de->pak && de->type != TYPE_PAK)
106	return 1; /* dont mess with dirchar inside pakfiles */	149	return 1; /* dont mess with dirchar inside pakfiles */
107	do	150	do
Lines 244-247 char FileExtension (char in) Link Here
244	e = in++;	287	e = in++;
245		288
246	return e;	289	return e;
247	}	290	}