From ff7264380507bde532394739d3744130f6d85df8 Mon Sep 17 00:00:00 2001 From: Ralph Boehme Date: Tue, 17 Jun 2014 17:02:20 +0200 Subject: [PATCH] Unarchiving certain ZIP archives fails, bug #569 The current code that checks whether the client is allowed to use pathnames starting with ._ checks whether the file is an AppleDouble file, and if it is and the filler does not contain the magic string "Mac OS X", access to the file is denied. This results in the following sequence of steps: * client created empty file "._NAME" * client wants to stat the newly created file "._NAME" * server checks whether access to the file is allowed * check fails Modify check in ad_valid_header_osx() to allow access to all .- AppleDouble files where the filler string is not "Netatalk", which is the magic string Netatalk puts there. Signed-off-by: Ralph Boehme --- NEWS | 1 + include/atalk/adouble.h | 6 ++++++ libatalk/adouble/ad_flush.c | 2 +- libatalk/adouble/ad_open.c | 4 +++- 4 files changed, 11 insertions(+), 2 deletions(-) diff --git a/NEWS b/NEWS index f4cab3d6..10b6b61d 100644 --- a/NEWS +++ b/NEWS @@ -3,6 +3,7 @@ Changes in 3.1.3 * UPD: Spotlight: more SPARQL query optimisations * UPD: Spotlight: new options "sparql results limit", "spotlight attributes" and "spotlight expr" +* FIX: afpd: Unarchiving certain ZIP archives fails, bug #569 Changes in 3.1.2 ================ diff --git a/include/atalk/adouble.h b/include/atalk/adouble.h index 1881ba02..f279d28c 100644 --- a/include/atalk/adouble.h +++ b/include/atalk/adouble.h @@ -348,6 +348,12 @@ struct adouble { #define AD_AFPFILEI_GROUP (1 << 1) /* ignore group */ #define AD_AFPFILEI_BLANKACCESS (1 << 2) /* blank access permissions */ +/* + * String identifiers for the 16 AppleDouble filler bytes + */ +#define AD_FILLER_NETATALK "Netatalk " +#define AD_FILLER_OSX "Mac OS X" + #define ad_data_fileno(ad) ((ad)->ad_data_fork.adf_fd) #define ad_reso_fileno(ad) ((ad)->ad_rfp->adf_fd) #define ad_meta_fileno(ad) ((ad)->ad_mdp->adf_fd) diff --git a/libatalk/adouble/ad_flush.c b/libatalk/adouble/ad_flush.c index fc95412c..6e214863 100644 --- a/libatalk/adouble/ad_flush.c +++ b/libatalk/adouble/ad_flush.c @@ -164,7 +164,7 @@ int ad_rebuild_adouble_header_osx(struct adouble *ad, char *adbuf) memcpy(buf, &temp, sizeof( temp )); buf += sizeof( temp ); - memcpy(buf, "Netatalk ", 16); + memcpy(buf, AD_FILLER_NETATALK, strlen(AD_FILLER_NETATALK)); buf += sizeof( ad->ad_filler ); nent = htons(ADEID_NUM_OSX); diff --git a/libatalk/adouble/ad_open.c b/libatalk/adouble/ad_open.c index 0c6af70a..85a32a11 100644 --- a/libatalk/adouble/ad_open.c +++ b/libatalk/adouble/ad_open.c @@ -540,7 +540,9 @@ int ad_valid_header_osx(const char *path) EC_FAIL; } - if (strncmp(buf + ADEDOFF_FILLER, "Mac OS X", strlen("Mac OS X")) == 0) + if (strncmp(buf + ADEDOFF_FILLER, + AD_FILLER_NETATALK, + strlen(AD_FILLER_NETATALK)) != 0) /* * It's a split fork created by OS X, it's not our "own" ._ file * and thus not a valid header in this context. -- 2.39.2