X-Git-Url: https://mattmccutchen.net/rsync/rsync.git/blobdiff_plain/d853783f213a67f9461c1f72eb612bc3c99f87be..4b957c22381cf1848ff6a5e59249bb71ba79e9fa:/util.c

diff --git a/util.c b/util.c
index 15ab69d2..bfa35f18 100644
--- a/util.c
+++ b/util.c
@@ -710,3 +710,50 @@ void show_progress(OFF_T ofs, OFF_T size)
 		}
 	}
 }
+
+/* determine if a symlink points outside the current directory tree */
+int unsafe_symlink(char *dest, char *src)
+{
+	char *tok;
+	int depth = 0;
+
+	/* all absolute and null symlinks are unsafe */
+	if (!dest || !(*dest) || (*dest == '/')) return 1;
+
+	src = strdup(src);
+	if (!src) out_of_memory("unsafe_symlink");
+
+	/* find out what our safety margin is */
+	for (tok=strtok(src,"/"); tok; tok=strtok(NULL,"/")) {
+		if (strcmp(tok,"..") == 0) {
+			depth=0;
+		} else if (strcmp(tok,".") == 0) {
+			/* nothing */
+		} else {
+			depth++;
+		}
+	}
+	free(src);
+
+	/* drop by one to account for the filename portion */
+	depth--;
+
+	dest = strdup(dest);
+	if (!dest) out_of_memory("unsafe_symlink");
+
+	for (tok=strtok(dest,"/"); tok; tok=strtok(NULL,"/")) {
+		if (strcmp(tok,"..") == 0) {
+			depth--;
+		} else if (strcmp(tok,".") == 0) {
+			/* nothing */
+		} else {
+			depth++;
+		}
+		/* if at any point we go outside the current directory then
+		   stop - it is unsafe */
+		if (depth < 0) break;
+	}
+
+	free(dest);
+	return (depth < 0);
+}