|
Link Here
|
| 2005 |
|
2005 |
|
| 2006 |
/* opens a file for output, returns success */ |
2006 |
/* opens a file for output, returns success */ |
| 2007 |
int file_open(struct file *fi, int lower, char *dir) { |
2007 |
int file_open(struct file *fi, int lower, char *dir) { |
| 2008 |
char c, *s, *d, *name; |
2008 |
char c, *s, *d, *name, *p; |
| 2009 |
int ok = 0; |
2009 |
int ok = 0; |
| 2010 |
|
2010 |
|
| 2011 |
if (!(name = malloc(strlen(fi->filename) + (dir ? strlen(dir) : 0) + 2))) { |
2011 |
if (!(name = malloc(strlen(fi->filename) + (dir ? strlen(dir) : 0) + 2))) { |
|
Link Here
|
| 2036 |
*d++ = (c=='/') ? '\\' : ((c=='\\') ? '/' : |
2036 |
*d++ = (c=='/') ? '\\' : ((c=='\\') ? '/' : |
| 2037 |
(lower ? tolower((unsigned char) c) : c)); |
2037 |
(lower ? tolower((unsigned char) c) : c)); |
| 2038 |
} while (c); |
2038 |
} while (c); |
| 2039 |
|
2039 |
|
|
|
2040 |
/* search for "../" in cab filename part and change to "xx/". This |
| 2041 |
* prevents any unintended directory traversal. */ |
| 2042 |
for (p = &name[dir ? strlen(dir)+1 : 0]; *p; p++) { |
| 2043 |
if ((p[0] == '.') && (p[1] == '.') && (p[2] == '/')) { |
| 2044 |
p[0] = p[1] = 'x'; |
| 2045 |
p += 2; |
| 2046 |
} |
| 2047 |
} |
| 2048 |
|
| 2040 |
/* create directories if needed, attempt to write file */ |
2049 |
/* create directories if needed, attempt to write file */ |
| 2041 |
if (ensure_filepath(name)) { |
2050 |
if (ensure_filepath(name)) { |
| 2042 |
fi->fh = fopen(name, "wb"); |
2051 |
fi->fh = fopen(name, "wb"); |