extern int relative_paths;
extern int sanitize_paths;
extern int curr_dir_depth;
+extern int curr_dir_len;
extern int module_id;
extern int rsync_port;
extern int whole_file;
extern char *rsync_path;
extern char *shell_cmd;
extern char *batch_name;
+extern char curr_dir[MAXPATHLEN];
extern struct filter_list_struct server_filter_list;
int local_server = 0;
+int new_root_dir = 0;
mode_t orig_umask = 0;
struct file_list *the_file_list;
return NULL;
/* See what currently exists at the destination. */
- if ((statret = safe_stat(dest_path, &st)) == 0) {
+ if ((statret = do_stat(dest_path, &st)) == 0) {
/* If the destination is a dir, enter it and use mode 1. */
if (S_ISDIR(st.st_mode)) {
- if (sanitize_paths)
- die_on_unsafe_path(dest_path, 0);
- if (!push_dir(dest_path)) {
+ if (!push_dir(dest_path, 0)) {
rsyserr(FERROR, errno, "push_dir#1 %s failed",
full_fname(dest_path));
exit_cleanup(RERR_FILESELECT);
}
return NULL;
}
- if (sanitize_paths && S_ISLNK(st.st_mode))
- die_on_unsafe_path(dest_path, 0);
if (flist->count > 1) {
rprintf(FERROR,
"ERROR: destination must be a directory when"
exit_cleanup(RERR_FILEIO);
}
+ new_root_dir = 1;
+
if (verbose)
rprintf(FINFO, "created directory %s\n", dest_path);
if (dry_run) {
- /* Indicate that the destination directory doesn't
- * really exist and return mode 1. */
+ /* Indicate that dest dir doesn't really exist. */
dry_run++;
- return NULL;
}
- if (sanitize_paths)
- die_on_unsafe_path(dest_path, 0);
- if (!push_dir(dest_path)) {
+ if (!push_dir(dest_path, dry_run > 1)) {
rsyserr(FERROR, errno, "push_dir#2 %s failed",
full_fname(dest_path));
exit_cleanup(RERR_FILESELECT);
dest_path = "/";
*cp = '\0';
- if (sanitize_paths)
- die_on_unsafe_path(dest_path, 0);
- if (!push_dir(dest_path)) {
+ if (!push_dir(dest_path, 0)) {
rsyserr(FERROR, errno, "push_dir#3 %s failed",
full_fname(dest_path));
exit_cleanup(RERR_FILESELECT);
return cp + 1;
}
+/* Call this if the destination dir (which is assumed to be in curr_dir)
+ * does not yet exist and we can't create it due to being in dry-run
+ * mode. We'll fix dirs that can be relative to the non-existent dir. */
+static void fix_basis_dirs(void)
+{
+ char **dir, *new, *slash;
+ int len;
+
+ if (dry_run <= 1)
+ return;
+
+ slash = strrchr(curr_dir, '/');
+
+ for (dir = basis_dir; *dir; dir++) {
+ if (**dir == '/')
+ continue;
+ len = curr_dir_len + 1 + strlen(*dir) + 1;
+ if (!(new = new_array(char, len)))
+ out_of_memory("fix_basis_dirs");
+ if (slash && strncmp(*dir, "../", 3) == 0) {
+ /* We want to remove only one leading "../" prefix for
+ * the directory we couldn't create in dry-run mode:
+ * this ensures that any other ".." references get
+ * evaluated the same as they would for a live copy. */
+ *slash = '\0';
+ pathjoin(new, len, curr_dir, *dir + 3);
+ *slash = '/';
+ } else
+ pathjoin(new, len, curr_dir, *dir);
+ *dir = new;
+ }
+}
/* This is only called by the sender. */
static void read_final_goodbye(int f_in, int f_out)
}
if (!relative_paths) {
- if (sanitize_paths)
- die_on_unsafe_path(dir, 0);
- if (!push_dir(dir)) {
+ if (!push_dir(dir, 0)) {
rsyserr(FERROR, errno, "push_dir#3 %s failed",
full_fname(dir));
exit_cleanup(RERR_FILESELECT);
dir = argv[0];
argc--;
argv++;
- if (!am_daemon && !push_dir(dir)) {
+ if (!am_daemon && !push_dir(dir, 0)) {
rsyserr(FERROR, errno, "push_dir#4 %s failed",
full_fname(dir));
exit_cleanup(RERR_FILESELECT);
char **dir;
for (dir = basis_dir; *dir; dir++) {
*dir = sanitize_path(NULL, *dir, NULL, curr_dir_depth, NULL);
- die_on_unsafe_path(*dir, 0);
}
if (partial_dir) {
partial_dir = sanitize_path(NULL, partial_dir, NULL, curr_dir_depth, NULL);
- /* A relative path gets this checked at every dir change. */
- if (*partial_dir == '/')
- die_on_unsafe_path(partial_dir, 0);
}
}
+ fix_basis_dirs();
+
if (server_filter_list.head) {
char **dir;
struct filter_list_struct *elp = &server_filter_list;
if (flist && flist->count > 0) {
local_name = get_local_name(flist, argv[0]);
+ fix_basis_dirs();
+
exit_code2 = do_recv(f_in, f_out, flist, local_name);
} else {
handle_stats(-1);
char cmd_buf[300];
int ret;
- sprintf(cmd_buf, get_panic_action(),
- getpid(), getpid());
+ snprintf(cmd_buf, sizeof cmd_buf, get_panic_action(),
+ getpid(), getpid());
/* Unless we failed to execute gdb, we allow the process to
* continue. I'm not sure if that's right. */
* (implemented by forking "pwd" and reading its output) doesn't
* work when there are other child processes. Also, on all systems
* that implement getcwd that way "pwd" can't be found after chroot. */
- push_dir(NULL);
+ push_dir(NULL, 0);
init_flist();