author | Chris Liddell <chris.liddell@artifex.com> | 2018-08-21 20:17:05 +0100 |
---|---|---|
committer | Chris Liddell <chris.liddell@artifex.com> | 2018-08-23 10:23:18 +0100 |
commit | 0d3901189f245232f0161addf215d7268c4d05a3 (patch) | |
tree | 07ac290a40b1405d703fecf297a2c192df93139a | |
parent | c3476dde7743761a4e1d39a631716199b696b880 (diff) |
Bug 699657: properly apply file permissions to .tempfile
-rw-r--r-- | psi/zfile.c | 20 |
1 files changed, 18 insertions, 2 deletions
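--- a/psi/zfile.c
+++ b/psi/zfile.c
@@ -134,7 +134,7 @@ check_file_permissions_reduced(i_ctx_t *i_ctx_p, const char *fname, int len,
 /* we're protecting arbitrary file system accesses, not Postscript device accesses.
 * Although, note that %pipe% is explicitly checked for and disallowed elsewhere
 */
-if (iodev != iodev_default(imemory)) {
+if (iodev && iodev != iodev_default(imemory)) {
 return 0;
 }
 
@@ -734,7 +734,23 @@ ztempfile(i_ctx_t *i_ctx_p)
 }
 
 if (gp_file_name_is_absolute(pstr, strlen(pstr))) {
-if (check_file_permissions(i_ctx_p, pstr, strlen(pstr),
+int plen = strlen(pstr);
+const char *sep = gp_file_name_separator();
+#ifdef DEBUG
+int seplen = strlen(sep);
+if (seplen != 1)
+return_error(gs_error_Fatal);
+#endif
+/* strip off the file name prefix, leave just the directory name
+* so we can check if we are allowed to write to it
+*/
+for ( ; plen >=0; plen--) {
+if (pstr[plen] == sep[0])
+break;
+}
+memcpy(fname, pstr, plen);
+fname[plen] = '\0';
+if (check_file_permissions(i_ctx_p, fname, strlen(fname),
 NULL, "PermitFileWriting") < 0) {
 code = gs_note_error(gs_error_invalidfileaccess);
 goto done;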
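Review bot: In the ztempfile hunk the backwards scan `for ( ; plen >=0; plen--)` can finish with `plen == -1` when `pstr` contains no `sep[0]`, and the following `memcpy(fname, pstr, plen)` then receives a negative length converted to a very large size_t. gp_file_name_is_absolute() presumably implies a separator on POSIX, but the hunk does not establish that for platforms whose absolute paths may use a different separator character, so a guard before the copy such as `if (plen < 0) { code = gs_note_error(gs_error_invalidfileaccess); goto done; }` would fail closed instead of relying on that assumption. When the only separator is the leading one (`plen == 0`), the permission check runs on an empty string rather than on the root directory, which deserves explicit handling or at least a comment stating the intended result. The declaration and size of `fname` and the rest of ztempfile lie outside the hunk, so whether `plen` is bounded by that buffer cannot be confirmed from here.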