* Stat either a symlink or its referent, depending on the settings of
* copy_links, copy_unsafe_links, etc.
*
- * @return -1 on error; or 0. If a symlink, then @p Linkbuf (of size
+ * @retval -1 on error
+ *
+ * @retval 0 for success
+ *
+ * @post If @p path is a symlink, then @p linkbuf (of size @c
* MAXPATHLEN) contains the symlink target.
+ *
+ * @post @p buffer contains information about the link or the
+ * referrent as appropriate, if they exist.
**/
int readlink_stat(const char *path, STRUCT_STAT * buffer, char *linkbuf)
{
static char curr_dir[MAXPATHLEN];
-/** like chdir() but can be reversed with pop_dir() if save is set. It
- is also much faster as it remembers where we have been */
+/**
+ * Like chdir() but can be reversed with pop_dir() if @p save is set.
+ * It is also much faster as it remembers where we have been.
+ **/
char *push_dir(char *dir, int save)
{
char *ret = curr_dir;
return ret;
}
-/** Reverse a push_dir call */
+/** Reverse a push_dir() call */
int pop_dir(char *dir)
{
int ret;
* else's machine it might allow them to establish a symlink to
* /etc/passwd, and then read it through a web server.
*
+ * Null symlinks and absolute symlinks are always unsafe.
+ *
+ * Basically here we are concerned with symlinks whose target contains
+ * "..", because this might cause us to walk back up out of the
+ * transferred directory. We are not allowed to go back up and
+ * reenter.
+ *
* @param dest Target of the symlink in question.
*
* @param src Top source directory currently applicable. Basically this
*
* @retval True if unsafe
* @retval False is unsafe
+ *
+ * @sa t_unsafe.c
**/
int unsafe_symlink(char *dest, char *src)
{