extern int recurse;
extern int relative_paths;
extern int sanitize_paths;
+extern int curr_dir_depth;
extern int module_id;
extern int rsync_port;
extern int whole_file;
extern char *shell_cmd;
extern char *batch_name;
-extern char curr_dir[MAXPATHLEN];
-
int local_server = 0;
mode_t orig_umask = 0;
struct file_list *the_file_list;
* it and use mode 1. If there is something other than a directory
* at the destination path, we must be transferring one file
* (anything at the destination will be overwritten). */
- if (do_stat(dest_path, &st) == 0) {
+ if (safe_stat(dest_path, &st) == 0) {
if (S_ISDIR(st.st_mode)) {
+ if (sanitize_paths)
+ die_on_unsafe_path(dest_path, 0);
if (!push_dir(dest_path)) {
rsyserr(FERROR, errno, "push_dir#1 %s failed",
full_fname(dest_path));
}
return NULL;
}
+ if (sanitize_paths && S_ISLNK(st.st_mode))
+ die_on_unsafe_path(dest_path, 0);
if (flist->count > 1) {
rprintf(FERROR,
"ERROR: destination must be a directory when"
return NULL;
}
+ if (sanitize_paths)
+ die_on_unsafe_path(dest_path, 0);
if (!push_dir(dest_path)) {
rsyserr(FERROR, errno, "push_dir#2 %s failed",
full_fname(dest_path));
dest_path = "/";
*cp = '\0';
+ if (sanitize_paths)
+ die_on_unsafe_path(dest_path, 0);
if (!push_dir(dest_path)) {
rsyserr(FERROR, errno, "push_dir#3 %s failed",
full_fname(dest_path));
return;
}
- if (!relative_paths && !push_dir(dir)) {
- rsyserr(FERROR, errno, "push_dir#3 %s failed",
- full_fname(dir));
- exit_cleanup(RERR_FILESELECT);
+ if (!relative_paths) {
+ if (sanitize_paths)
+ die_on_unsafe_path(dir, 0);
+ if (!push_dir(dir)) {
+ rsyserr(FERROR, errno, "push_dir#3 %s failed",
+ full_fname(dir));
+ exit_cleanup(RERR_FILESELECT);
+ }
}
argc--;
argv++;
/* Now that we know what our destination directory turned out to be,
* we can sanitize the --link-/copy-/compare-dest args correctly. */
if (sanitize_paths) {
- char *dest_path = curr_dir + strlen(lp_path(module_id));
- int dest_depth = count_dir_elements(dest_path);
char **dir;
for (dir = basis_dir; *dir; dir++)
- *dir = sanitize_path(NULL, *dir, NULL, dest_depth);
+ *dir = sanitize_path(NULL, *dir, NULL, curr_dir_depth, NULL);
}
exit_code = do_recv(f_in,f_out,flist,local_name);