diff --git a/kernel/hal/hal.h b/kernel/hal/hal.h index dd74a89..9d7703d 100644 --- a/kernel/hal/hal.h +++ b/kernel/hal/hal.h @@ -18,6 +18,7 @@ size_t hal_strcspn(const char *s, const char *reject); size_t hal_strspn(const char *s, const char *accept); char *hal_strcpy(char *dest, const char *src); char *hal_strchr(const char *s, int c); +char *hal_strstr(const char *str, const char *substring); void hal_wait(uint32_t ms); int32_t hal_randnum(void); diff --git a/kernel/hal/util.c b/kernel/hal/util.c index 33f5696..d069310 100644 --- a/kernel/hal/util.c +++ b/kernel/hal/util.c @@ -109,3 +109,34 @@ char *hal_strchr(const char *s, int c) { } return NULL; } + +char *hal_strstr(const char *str, const char *substring) +{ + const char *a; + const char *b; + + b = substring; + + if (*b == 0) { + return (char *) str; + } + + for ( ; *str != 0; str += 1) { + if (*str != *b) { + continue; + } + + a = str; + while (1) { + if (*b == 0) { + return (char *) str; + } + if (*a++ != *b++) { + break; + } + } + b = substring; + } + + return NULL; +} diff --git a/kernel/path/path.c b/kernel/path/path.c index 4bb2717..973f9f2 100644 --- a/kernel/path/path.c +++ b/kernel/path/path.c @@ -1,4 +1,5 @@ #include "path.h" +#include "hal/hal.h" void path_parse(const char *in, char *mp, char *path) { if (in == 0 || *in == 0) { @@ -37,5 +38,18 @@ void path_parse(const char *in, char *mp, char *path) { } else { path[j] = 0; } + + if (path[0] != '/') { + mp[0] = 0; + path[0] = 0; + return; + } + + if (hal_strstr(path, "/../") || hal_strstr(path, "/./") + || hal_strcmp(path, "..") == 0 || hal_strcmp(path, ".") == 0) { + mp[0] = 0; + path[0] = 0; + return; + } } diff --git a/ulib/fs/path.c b/ulib/fs/path.c index 44251c8..f3d8d83 100644 --- a/ulib/fs/path.c +++ b/ulib/fs/path.c @@ -38,6 +38,19 @@ void path_parse(const char *in, char *mp, char *path) { } else { path[j] = 0; } + + if (path[0] != '/') { + mp[0] = 0; + path[0] = 0; + return; + } + + if (string_strstr(path, "/../") || string_strstr(path, "/./") + || string_strcmp(path, "..") == 0 || string_strcmp(path, ".") == 0) { + mp[0] = 0; + path[0] = 0; + return; + } } const char *path_basename(const char *path) { diff --git a/ulib/string/string.c b/ulib/string/string.c index e88385a..265a7f2 100644 --- a/ulib/string/string.c +++ b/ulib/string/string.c @@ -282,3 +282,34 @@ void * string_memmove(void* dest, const void* src, unsigned int n) } return dest; } + +char *string_strstr(const char *str, const char *substring) +{ + const char *a; + const char *b; + + b = substring; + + if (*b == 0) { + return (char *) str; + } + + for ( ; *str != 0; str += 1) { + if (*str != *b) { + continue; + } + + a = str; + while (1) { + if (*b == 0) { + return (char *) str; + } + if (*a++ != *b++) { + break; + } + } + b = substring; + } + + return NULL; +} diff --git a/ulib/string/string.h b/ulib/string/string.h index daee531..eb06f18 100644 --- a/ulib/string/string.h +++ b/ulib/string/string.h @@ -20,6 +20,7 @@ char *string_tokenizealloc(char *s, char *delim); char *string_tokenizealloc_linecontinue(char *s, char *delim); char *string_combine(char *dest, const char *src); void * string_memmove(void* dest, const void* src, unsigned int n); +char *string_strstr(const char *str, const char *substring); #endif