From: Wayne Davison <wayned@samba.org>
Date: Sun, 16 Dec 2007 22:16:37 +0000 (-0800)
Subject: Fixed the check_filter() calls that might be checking an absolute path
X-Git-Url: https://mattmccutchen.net/rsync/rsync.git/commitdiff_plain/a10186910dc0771ea907f92b1364cbb4912f37e3

Fixed the check_filter() calls that might be checking an absolute path
in "use chroot = no" mode against a daemon's exclude restriction.
---

diff --git a/main.c b/main.c
index b2dcb523..ba470481 100644
--- a/main.c
+++ b/main.c
@@ -65,6 +65,7 @@ extern int batch_fd;
 extern int filesfrom_fd;
 extern int connect_timeout;
 extern pid_t cleanup_child_pid;
+extern unsigned int module_dirlen;
 extern struct stats stats;
 extern char *filesfrom_host;
 extern char *partial_dir;
@@ -332,7 +333,6 @@ static pid_t do_cmd(char *cmd, char *machine, char *user, char **remote_argv, in
 	int i, argc = 0;
 	char *args[MAX_ARGS];
 	pid_t ret;
-	char *dir = NULL;
 	int dash_l_set = 0;
 
 	if (!read_batch && !local_server) {
@@ -508,9 +508,6 @@ static pid_t do_cmd(char *cmd, char *machine, char *user, char **remote_argv, in
 			ret = piped_child(args, f_in_p, f_out_p);
 	}
 
-	if (dir)
-		free(dir);
-
 	return ret;
 
   oom:
@@ -869,7 +866,6 @@ static void do_server_recv(int f_in, int f_out, int argc, char *argv[])
 	int exit_code;
 	struct file_list *flist;
 	char *local_name = NULL;
-	char *dir = NULL;
 	int save_verbose = verbose;
 
 	if (filesfrom_fd >= 0) {
@@ -890,7 +886,7 @@ static void do_server_recv(int f_in, int f_out, int argc, char *argv[])
 	}
 
 	if (argc > 0) {
-		dir = argv[0];
+		char *dir = argv[0];
 		argc--;
 		argv++;
 		if (!am_daemon && !push_dir(dir, 0)) {
@@ -940,15 +936,18 @@ static void do_server_recv(int f_in, int f_out, int argc, char *argv[])
 	check_alt_basis_dirs();
 
 	if (server_filter_list.head) {
-		char **dir;
+		char **dir_p;
 		struct filter_list_struct *elp = &server_filter_list;
 
-		for (dir = basis_dir; *dir; dir++) {
-			if (check_filter(elp, *dir, 1) < 0)
+		for (dir_p = basis_dir; *dir_p; dir_p++) {
+			char *dir = *dir_p;
+			if (*dir == '/')
+				dir += module_dirlen;
+			if (check_filter(elp, dir, 1) < 0)
 				goto options_rejected;
 		}
 		if (partial_dir && *partial_dir == '/'
-		 && check_filter(elp, partial_dir, 1) < 0) {
+		 && check_filter(elp, partial_dir + module_dirlen, 1) < 0) {
 		    options_rejected:
 			rprintf(FERROR,
 				"Your options have been rejected by the server.\n");
diff --git a/options.c b/options.c
index d3846de3..11249c07 100644
--- a/options.c
+++ b/options.c
@@ -27,6 +27,7 @@
 extern int module_id;
 extern int sanitize_paths;
 extern int daemon_over_rsh;
+extern unsigned int module_dirlen;
 extern struct filter_list_struct filter_list;
 extern struct filter_list_struct server_filter_list;
 
@@ -1007,13 +1008,14 @@ int parse_arguments(int *argc_p, const char ***argv_p, int frommain)
 				arg = sanitize_path(NULL, arg, NULL, 0);
 			if (server_filter_list.head) {
 				int rej;
-				char *cp = strdup(arg);
+				char *dir, *cp = strdup(arg);
 				if (!cp)
 					out_of_memory("parse_arguments");
 				if (!*cp)
 					goto options_rejected;
-				clean_fname(cp, CFN_COLLAPSE_DOT_DOT_DIRS);
-				rej = check_filter(&server_filter_list, cp, 0) < 0;
+				dir = cp + (*cp == '/' ? module_dirlen : 0);
+				clean_fname(dir, CFN_COLLAPSE_DOT_DOT_DIRS);
+				rej = check_filter(&server_filter_list, dir, 0) < 0;
 				free(cp);
 				if (rej)
 					goto options_rejected;
@@ -1406,17 +1408,21 @@ int parse_arguments(int *argc_p, const char ***argv_p, int frommain)
 	if (server_filter_list.head && !am_sender) {
 		struct filter_list_struct *elp = &server_filter_list;
 		if (tmpdir) {
+			char *dir;
 			if (!*tmpdir)
 				goto options_rejected;
-			clean_fname(tmpdir, CFN_COLLAPSE_DOT_DOT_DIRS);
-			if (check_filter(elp, tmpdir, 1) < 0)
+			dir = tmpdir + (*tmpdir == '/' ? module_dirlen : 0);
+			clean_fname(dir, CFN_COLLAPSE_DOT_DOT_DIRS);
+			if (check_filter(elp, dir, 1) < 0)
 				goto options_rejected;
 		}
 		if (backup_dir) {
+			char *dir;
 			if (!*backup_dir)
 				goto options_rejected;
-			clean_fname(backup_dir, CFN_COLLAPSE_DOT_DOT_DIRS);
-			if (check_filter(elp, backup_dir, 1) < 0)
+			dir = backup_dir + (*backup_dir == '/' ? module_dirlen : 0);
+			clean_fname(dir, CFN_COLLAPSE_DOT_DOT_DIRS);
+			if (check_filter(elp, dir, 1) < 0)
 				goto options_rejected;
 		}
 	}
@@ -1607,10 +1613,12 @@ int parse_arguments(int *argc_p, const char ***argv_p, int frommain)
 			if (sanitize_paths)
 				files_from = sanitize_path(NULL, files_from, NULL, 0);
 			if (server_filter_list.head) {
+				char *dir;
 				if (!*files_from)
 					goto options_rejected;
-				clean_fname(files_from, CFN_COLLAPSE_DOT_DOT_DIRS);
-				if (check_filter(&server_filter_list, files_from, 0) < 0)
+				dir = files_from + (*files_from == '/' ? module_dirlen : 0);
+				clean_fname(dir, CFN_COLLAPSE_DOT_DOT_DIRS);
+				if (check_filter(&server_filter_list, dir, 0) < 0)
 					goto options_rejected;
 			}
 			filesfrom_fd = open(files_from, O_RDONLY|O_BINARY);