================
* FIX: papd: Remove variable expansion for BSD printers. Fixes CVE-2008-5718.
+* FIX: afpd: .AppleDxxx folders were user accessible if option 'usedots'
+ was set
Changes in 2.0.4
================
/*
- * $Id: directory.c,v 1.71.2.4.2.15.2.11 2009-01-28 05:37:57 didg Exp $
+ * $Id: directory.c,v 1.71.2.4.2.15.2.12 2009-07-20 18:29:56 didg Exp $
*
* Copyright (c) 1990,1993 Regents of The University of Michigan.
* All Rights Reserved. See COPYRIGHT.
afp_errno = AFPERR_PARAM;
return NULL;
}
+
+ if (check_name(vol, path->u_name)) {
+ /* the name is illegal */
+ afp_errno = AFPERR_PARAM;
+ return NULL;
+ }
+
if (of_stat( path ) != 0 ) {
return( NULL );
}
return AFPERR_EXIST;
upath = s_path->u_name;
- if (0 != (err = check_name(vol, upath))) {
- return err;
- }
if (AFP_OK != (err = netatalk_mkdir( upath))) {
return err;
/*
- * $Id: file.c,v 1.92.2.2.2.31.2.23 2008-12-23 09:39:02 didg Exp $
+ * $Id: file.c,v 1.92.2.2.2.31.2.24 2009-07-20 18:29:56 didg Exp $
*
* Copyright (c) 1990,1993 Regents of The University of Michigan.
* All Rights Reserved. See COPYRIGHT.
char *path, *upath;
int creatf, did, openf, retvalue = AFP_OK;
u_int16_t vid;
- int ret;
struct path *s_path;
#ifdef DEBUG
}
upath = s_path->u_name;
- if (0 != (ret = check_name(vol, upath)))
- return ret;
/* if upath is deleted we already in trouble anyway */
if ((of = of_findname(s_path))) {