From bda2e4ead15ec9f8d043597f59ad6cdf1e8a5fe7 Mon Sep 17 00:00:00 2001
From: fiaxh <git@lightrise.org>
Date: Mon, 7 Jun 2021 09:56:25 -0600
Subject: [PATCH] Fix file traversal issue on incoming file transfers
Fixes CVE-2021-33896
---
libdino/src/entity/file_transfer.vala | 13 ++++++++++++-
1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/libdino/src/entity/file_transfer.vala b/libdino/src/entity/file_transfer.vala
index a8e386b..1823478 100644
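--- a/libdino/src/entity/file_transfer.vala
+++ b/libdino/src/entity/file_transfer.vala
@@ -45,7 +45,18 @@ public class FileTransfer : Object {
 }
 }
 
- public string file_name { get; set; }
+ private string file_name_;
+ public string file_name {
+ get { return file_name_; }
+ set {
+ file_name_ = Path.get_basename(value);
+ if (file_name_ == Path.DIR_SEPARATOR_S || file_name_ == ".") {
+ file_name_ = "unknown filename";
+ } else if (file_name_.has_prefix(".")) {
+ file_name_ = "_" + file_name_;
+ }
+ }
+ }
 private string? server_file_name_ = null;
 public string server_file_name {
 get { return server_file_name_ ?? file_name; }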
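Review bot: The sanitising applies only to `file_name`; the `server_file_name` getter in the trailing context returns `server_file_name_` unchanged whenever it is set, and its setter lies outside the hunk, so whether a peer-supplied value there gets the same `Path.get_basename` treatment cannot be confirmed from here. If that value is ever joined into a local path, it should go through the same normalisation, ideally via one shared private helper so the two properties cannot drift apart. The setter also rewrites its input silently, so a short comment such as `// Remote-supplied: keep only the basename so it cannot escape the download directory or create a hidden file` would tell later maintainers why `file_name` may differ from what was assigned. A check at the write site that the resolved path stays under the target directory would be a useful second layer, since this property is currently the only guard visible.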
--
2.31.1