diff options
author | Chris Liddell <chris.liddell@artifex.com> | 2021-02-11 09:27:23 +0000 |
---|---|---|
committer | Chris Liddell <chris.liddell@artifex.com> | 2021-02-15 14:43:22 +0000 |
commit | 1efe1f702f9723dec2803395cf4679593987c422 (patch) | |
tree | 5855a687e5382fb27c9de9cb4f5b04a3481da3dc /base/gslibctx.c | |
parent | 0ca4ae94020a1e3b48c337759ccb9fc0b3af61ec (diff) | |
download | ghostpdl-1efe1f702f9723dec2803395cf4679593987c422.tar.gz |
Bug 703550: handle escaped percent chars in file access controls
The separating devices make a (fairly blunt) effort to avoid attempting to use
proscribed characters in file names for separations (for example, '/', '\',
etc). As part of this some characters can be replaced with escaped percent
chars - so the single percent character survives a later call to a formatted
string function (sprintf).
This ended up foxing the file access validation code which added the fully
escaped file name string to the permit write table, but later attempted to
validate a file name post sprintf, where the escaping had been undone.
So, add code to remove escape '%' characters before adding the string to the
file access permit lists.
Diffstat (limited to 'base/gslibctx.c')
-rw-r--r-- | base/gslibctx.c | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/base/gslibctx.c b/base/gslibctx.c index 85e5a2d04..c12e624c2 100644 --- a/base/gslibctx.c +++ b/base/gslibctx.c @@ -629,7 +629,18 @@ rewrite_percent_specifiers(char *s) *s == 'X') { /* Success! */ memset(match_start, '*', s - match_start + 1); - return; + } + /* If we have escaped percents ("%%") so the percent + will survive a call to sprintf and co, then we need + to drop the extra one here, because the validation + code will see the string *after* it's been sprintf'ed. + */ + else if (*s == '%') { + char *s0 = s; + while (*s0) { + *s0 = *(s0 + 1); + s0++; + } } } } |