X-Git-Url: https://arthur.barton.de/cgi-bin/gitweb.cgi?a=blobdiff_plain;f=etc%2Fafpd%2Fdirectory.c;h=7c7eae72cd9920a3d1876c016500f25fcf8a2bfb;hb=2c09a52ace844af8c2475b7221b8d69d8a81b53e;hp=db3ed8cd2bb3cafae4ad19b695fc5a777a88e331;hpb=e9fa1eb3c73bd7abea3b6294e4389cf7c7f1d829;p=netatalk.git

diff --git a/etc/afpd/directory.c b/etc/afpd/directory.c
index db3ed8cd..7c7eae72 100644
--- a/etc/afpd/directory.c
+++ b/etc/afpd/directory.c
@@ -1,5 +1,5 @@
 /*
- * $Id: directory.c,v 1.130 2010-01-26 08:14:09 didg Exp $
+ * $Id: directory.c,v 1.133 2010-02-19 01:26:03 didg Exp $
  *
  * Copyright (c) 1990,1993 Regents of The University of Michigan.
  * All Rights Reserved.  See COPYRIGHT.
@@ -133,6 +133,76 @@ static struct dir rootpar  = { SENTINEL, SENTINEL, NULL,
  * frPutAway:   4    home directory ID
  */
 
+/*!
+ * @brief symlink safe chdir replacement
+ *
+ * Only chdirs to dir if it doesn't contain symlinks.
+ *
+ * @returns 1 if a path element is a symlink, 0 otherwise, -1 on syserror
+ */
+static int lchdir(const char *dir)
+{
+    int ret = 0;
+    char buf[MAXPATHLEN+1];
+#ifdef REALPATH_TAKES_NULL
+    char *rpath = NULL;
+#else
+    char rpath[MAXPATHLEN+1];
+#endif
+
+    /* dir might be an relative or an absolute path */
+    if (dir[0] == '/') {
+        /* absolute path, just make sure buf is prepared for strlcat */
+        buf[0] = 0;
+    } else {
+        /* relative path, push cwd int buf */
+        if (getcwd(buf, MAXPATHLEN) == NULL)
+            return -1;
+        if (strlcat(buf, "/", MAXPATHLEN) >= MAXPATHLEN)
+            return -1;
+    }
+
+    if (strlcat(buf, dir, MAXPATHLEN) >= MAXPATHLEN)
+        return -1;
+
+#ifdef REALPATH_TAKES_NULL
+    if ((rpath = realpath(dir, NULL)) == NULL) {
+#else
+    if (realpath(dir, rpath) == NULL) {
+#endif
+        ret = -1;
+        goto exit;
+    }
+
+    /* 
+     * Cases:
+     * chdir request   | realpath result | ret
+     * (after getwcwd) |                 |
+     * =======================================
+     * /a/b/.          | /a/b            | 0
+     * /a/b/.          | /c              | 1
+     * /a/b/.          | /c/d/e/f        | 1
+     */
+    ret = 0;
+    for (int i = 0; rpath[i]; i++) {
+        if (buf[i] != rpath[i]) {
+            ret = 1;
+            goto exit;
+        }
+    }
+
+    if (chdir(dir) != 0) {
+        ret = -1;
+        goto exit;
+    }
+
+exit:
+#ifdef REALPATH_TAKES_NULL
+    free(rpath);
+#endif
+    return ret;
+}
+
 static struct dir *
 vol_tree_root(const struct vol *vol, u_int32_t did)
 {
@@ -818,7 +888,7 @@ static int deletedir(char *dir)
             break;
         }
         strcpy(path + len, de->d_name);
-        if (stat(path, &st)) {
+        if (lstat(path, &st)) {
             continue;
         }
         if (S_ISDIR(st.st_mode)) {
@@ -884,7 +954,7 @@ static int copydir(const struct vol *vol, char *src, char *dst)
         }
         strcpy(spath + slen, de->d_name);
 
-        if (stat(spath, &st) == 0) {
+        if (lstat(spath, &st) == 0) {
             if (strlen(de->d_name) > drem) {
                 err = AFPERR_PARAM;
                 break;
@@ -906,7 +976,7 @@ static int copydir(const struct vol *vol, char *src, char *dst)
     }
 
     /* keep the same time stamp. */
-    if (stat(src, &st) == 0) {
+    if (lstat(src, &st) == 0) {
         ut.actime = ut.modtime = st.st_mtime;
         utime(dst, &ut);
     }
@@ -1542,6 +1612,7 @@ int movecwd(struct vol *vol, struct dir *dir)
     struct dir  *d;
     char    *p, *u;
     int     n;
+    int     ret;
 
     if ( dir == curdir ) {
         return( 0 );
@@ -1571,16 +1642,23 @@ int movecwd(struct vol *vol, struct dir *dir)
         memcpy( p, u, n );
     }
     if ( d != curdir ) {
-        n = strlen( vol->v_path );
+        n = strlen( vol->v_realpath );
         if (p -n -1 < path) {
             afp_errno = AFPERR_PARAM;
             return -1;
         }
         *--p = '/';
         p -= n;
-        memcpy( p, vol->v_path, n );
+        memcpy( p, vol->v_realpath, n );
     }
-    if ( chdir( p ) < 0 ) {
+    if ( (ret = lchdir( p )) != 0 ) {
+        LOG(log_debug, logtype_afpd, "movecwd('%s'): ret:%d, %u/%s", p, ret, errno, strerror(errno));
+
+        if (ret == 1) {
+            /* p is a symlink */
+            afp_errno = AFPERR_BADTYPE;
+            return -1;
+        }
         switch (errno) {
         case EACCES:
         case EPERM:
@@ -2025,7 +2103,7 @@ int setdirparams(struct vol *vol,
     int         bit, isad = 1;
     int                 cdate, bdate;
     int                 owner, group;
-    u_int16_t       ashort, bshort;
+    u_int16_t       ashort, bshort, oshort;
     int                 err = AFP_OK;
     int                 change_mdate = 0;
     int                 change_parent_mdate = 0;
@@ -2181,14 +2259,14 @@ int setdirparams(struct vol *vol,
         case DIRPBIT_ATTR :
             if (isad) {
                 ad_getattr(&ad, &bshort);
-                if ((bshort & htons(ATTRBIT_INVISIBLE)) !=
-                    (ashort & htons(ATTRBIT_INVISIBLE) & htons(ATTRBIT_SETCLR)) )
-                    change_parent_mdate = 1;
+                oshort = bshort;
                 if ( ntohs( ashort ) & ATTRBIT_SETCLR ) {
                     bshort |= htons( ntohs( ashort ) & ~ATTRBIT_SETCLR );
                 } else {
                     bshort &= ~ashort;
                 }
+                if ((bshort & htons(ATTRBIT_INVISIBLE)) != (oshort & htons(ATTRBIT_INVISIBLE)))
+                    change_parent_mdate = 1;
                 ad_setattr(&ad, bshort);
             }
             break;