Overview
| Comment: | Additional defenses against doing "fossil add" of files that are beneath symlinks. |
|---|---|
| SHA3-256: |
928b023cb7d101b057a9c325b3c5ec8d |
| User & Date: | drh 2020-08-19 12:22:48.647 |
Context
|
2020-08-19
| ||
| 12:58 | Merge additional symlink fixes. Back out comment-only changes from url.c. ... (check-in: 0ea17c2b11 user: drh tags: sec2020-2.12-patch) | |
| 12:26 | Fix harmless compiler warnings. ... (check-in: feef827504 user: drh tags: sec2020) | |
| 12:22 | Additional defenses against doing "fossil add" of files that are beneath symlinks. ... (check-in: 928b023cb7 user: drh tags: sec2020) | |
| 12:08 | Improved detection of attempts to write through a symlink. Now also works for "revert", "stash", and "undo/redo". ... (check-in: f63297b2c5 user: drh tags: sec2020) | |
Changes
Changes to src/add.c.
| ︙ | ︙ | |||
154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 |
**
** Omit any file whose name is pOmit.
*/
static int add_one_file(
const char *zPath, /* Tree-name of file to add. */
int vid /* Add to this VFILE */
){
if( !file_is_simple_pathname(zPath, 1) ){
fossil_warning("filename contains illegal characters: %s", zPath);
return 0;
}
if( db_exists("SELECT 1 FROM vfile"
" WHERE pathname=%Q %s", zPath, filename_collation()) ){
db_multi_exec("UPDATE vfile SET deleted=0"
" WHERE pathname=%Q %s AND deleted",
zPath, filename_collation());
}else{
char *zFullname = mprintf("%s%s", g.zLocalRoot, zPath);
int isExe = file_isexe(zFullname, RepoFILE);
| > > > > > | | | | > | | 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 |
**
** Omit any file whose name is pOmit.
*/
static int add_one_file(
const char *zPath, /* Tree-name of file to add. */
int vid /* Add to this VFILE */
){
int doSkip = 0;
if( !file_is_simple_pathname(zPath, 1) ){
fossil_warning("filename contains illegal characters: %s", zPath);
return 0;
}
if( db_exists("SELECT 1 FROM vfile"
" WHERE pathname=%Q %s", zPath, filename_collation()) ){
db_multi_exec("UPDATE vfile SET deleted=0"
" WHERE pathname=%Q %s AND deleted",
zPath, filename_collation());
}else{
char *zFullname = mprintf("%s%s", g.zLocalRoot, zPath);
int isExe = file_isexe(zFullname, RepoFILE);
if( file_nondir_objects_on_path(g.zLocalRoot, zFullname) ){
/* Do not add unsafe files to the vfile */
doSkip = 1;
}else{
db_multi_exec(
"INSERT INTO vfile(vid,deleted,rid,mrid,pathname,isexe,islink,mhash)"
"VALUES(%d,0,0,0,%Q,%d,%d,NULL)",
vid, zPath, isExe, file_islink(0));
}
fossil_free(zFullname);
}
if( db_changes() && !doSkip ){
fossil_print("ADDED %s\n", zPath);
return 1;
}else{
fossil_print("SKIP %s\n", zPath);
return 0;
}
}
|
| ︙ | ︙ |
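Review bot: The new `file_nondir_objects_on_path()` test sits only in the `else` branch of add_one_file(), so a path that already has a vfile row marked deleted is still un-deleted by the `UPDATE vfile SET deleted=0` branch without being checked. If a directory on that path has since been replaced by a symlink, re-adding the file would appear to bypass the defense the commit comment describes; whether a later check (for example at commit time) catches it is not visible here. `file_isexe(zFullname, RepoFILE)` also runs on the path before it has been vetted. Building `zFullname` and running the check ahead of the `db_exists()` test would cover both branches, as sketched below, and a `fossil_warning()` naming the reason for the skip would tell the user why the file was refused.

```c
  /* … unchanged: file_is_simple_pathname() guard … */
  char *zFullname = mprintf("%s%s", g.zLocalRoot, zPath);
  if( file_nondir_objects_on_path(g.zLocalRoot, zFullname) ){
    /* Do not add or un-delete files whose path is unsafe */
    doSkip = 1;
  }else if( db_exists("SELECT 1 FROM vfile"
                      " WHERE pathname=%Q %s", zPath, filename_collation()) ){
    /* … unchanged: UPDATE vfile SET deleted=0 … */
  }else{
    int isExe = file_isexe(zFullname, RepoFILE);
    /* … unchanged: INSERT INTO vfile … */
  }
  fossil_free(zFullname);
  /* … unchanged: ADDED / SKIP reporting on db_changes() && !doSkip … */
```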