Check if file or dir is .. (#711)

* Check if file or dir is .. * Diff and check name is .. * Go diff and check name is .. * Check if ignore new name or name --------- Co-authored-by: 杨赫然 <heran.yang@seafile.com>
2025-04-27 19:15:07 +00:00 · 2024-10-31 17:13:23 +08:00 · 2024-10-31 17:13:23 +08:00 · aee8be7942
commit aee8be7942
parent 5e6c0974e6
4 changed files with 111 additions and 0 deletions
--- a/fileserver/fileop.go
+++ b/fileserver/fileop.go
@ -2126,7 +2126,21 @@ func nameExists(entries []*fsmgr.SeafDirent, fileName string) bool {
 	return false
 }

+func shouldIgnore(fileName string) bool {
+	parts := strings.Split(fileName, "/")
+	for _, name := range parts {
+		if name == ".." {
+			return true
+		}
+	}
+	return false
+}
+
 func shouldIgnoreFile(fileName string) bool {
+	if shouldIgnore(fileName) {
+		return true
+	}
+
 	if !utf8.ValidString(fileName) {
 		log.Printf("file name %s contains non-UTF8 characters, skip", fileName)
 		return true
--- a/fileserver/sync_api.go
+++ b/fileserver/sync_api.go
@ -1041,6 +1041,11 @@ func putUpdateBranchCB(rsp http.ResponseWriter, r *http.Request) *appError {
 		return &appError{err, "", http.StatusInternalServerError}
 	}

+	if includeInvalidPath(base, newCommit) {
+		msg := fmt.Sprintf("Dir or file name is ..")
+		return &appError{nil, msg, http.StatusBadRequest}
+	}
+
 	ret, err := checkQuota(repoID, 0)
 	if err != nil {
 		err := fmt.Errorf("Failed to check quota: %v", err)
@ -1064,6 +1069,28 @@ func putUpdateBranchCB(rsp http.ResponseWriter, r *http.Request) *appError {
 	return nil
 }

+func includeInvalidPath(baseCommit, newCommit *commitmgr.Commit) bool {
+	var results []*diff.DiffEntry
+	if err := diff.DiffCommits(baseCommit, newCommit, &results, true); err != nil {
+		log.Infof("Failed to diff commits: %v", err)
+		return false
+	}
+
+	for _, entry := range results {
+		if entry.NewName != "" {
+			if shouldIgnore(entry.NewName) {
+				return true
+			}
+		} else {
+			if shouldIgnore(entry.Name) {
+				return true
+			}
+		}
+	}
+
+	return false
+}
+
 func getHeadCommit(rsp http.ResponseWriter, r *http.Request) *appError {
 	vars := mux.Vars(r)
 	repoID := vars["repoid"]
--- a/server/http-server.c
+++ b/server/http-server.c
@ -1028,6 +1028,57 @@ out:
    return ret;
 }

+gboolean
+should_ignore (const char *filename)
+{
+    char **components = g_strsplit (filename, "/", -1);
+    int n_comps = g_strv_length (components);
+    int j = 0;
+    char *file_name;
+
+    for (; j < n_comps; ++j) {
+        file_name = components[j];
+        if (g_strcmp0(file_name, "..") == 0) {
+            g_strfreev (components);
+            return TRUE;
+        }
+    }
+    g_strfreev (components);
+
+    return FALSE;
+}
+
+static gboolean
+include_invalid_path (SeafCommit *base_commit, SeafCommit *new_commit) {
+    GList *diff_entries = NULL;
+    gboolean ret = FALSE;
+
+    int rc = diff_commits (base_commit, new_commit, &diff_entries, TRUE);
+    if (rc < 0) {
+        seaf_warning ("Failed to check invalid path.\n");
+        return FALSE;
+    }
+
+    GList *ptr;
+    DiffEntry *diff_entry;
+    for (ptr = diff_entries; ptr; ptr = ptr->next) {
+        diff_entry = ptr->data;
+        if (diff_entry->new_name) {
+            if (should_ignore(diff_entry->new_name)) {
+                ret = TRUE;
+                break;
+            }
+        } else {
+            if (should_ignore(diff_entry->name)) {
+                ret = TRUE;
+                break;
+            }
+        }
+    }
+
+    return ret;
+}
+
 static void
 put_update_branch_cb (evhtp_request_t *req, void *arg)
 {
@ -1084,6 +1135,11 @@ put_update_branch_cb (evhtp_request_t *req, void *arg)
        goto out;
    }

+    if (include_invalid_path (base, new_commit)) {
+        evhtp_send_reply (req, EVHTP_RES_BADREQ);
+        goto out;
+    }
+
    if (seaf_quota_manager_check_quota (seaf->quota_mgr, repo_id) < 0) {
        evhtp_send_reply (req, SEAF_HTTP_RES_NOQUOTA);
        goto out;
--- a/server/repo-mgr.c
+++ b/server/repo-mgr.c
@ -242,6 +242,20 @@ should_ignore_file(const char *filename, void *data)
 {
    /* GPatternSpec **spec = ignore_patterns; */

+    char **components = g_strsplit (filename, "/", -1);
+    int n_comps = g_strv_length (components);
+    int j = 0;
+    char *file_name;
+
+    for (; j < n_comps; ++j) {
+        file_name = components[j];
+        if (g_strcmp0(file_name, "..") == 0) {
+            g_strfreev (components);
+            return TRUE;
+        }
+    }
+    g_strfreev (components);
+
    if (!g_utf8_validate (filename, -1, NULL)) {
        seaf_warning ("File name %s contains non-UTF8 characters, skip.\n", filename);
        return TRUE;