From 0270b7281b783cbea5c1f0ebb4440d2be1bd79fa Mon Sep 17 00:00:00 2001
From: =?utf8?q?Jos=C3=A9=20Bollo?= <jose.bollo@iot.bzh>
Date: Wed, 9 Dec 2015 14:22:42 +0100
Subject: [PATCH] validation of the path

Change-Id: I3ae984e787335264cd7f88f239453ff10c900ee2
---
 wgt-rootdir.c | 46 ++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 44 insertions(+), 2 deletions(-)

diff --git a/wgt-rootdir.c b/wgt-rootdir.c
index b7d9066..4df1705 100644
--- a/wgt-rootdir.c
+++ b/wgt-rootdir.c
@@ -18,8 +18,7 @@
 
 #include <unistd.h>
 #include <fcntl.h>
-#include <sys/types.h>
-#include <sys/stat.h>
+#include <errno.h>
 
 #include "wgt.h"
 
@@ -43,13 +42,56 @@ int widget_set_rootdir(const char *pathname)
 	return 0;
 }
 
+static int validsubpath(const char *subpath)
+{
+	int l = 0, i = 0;
+	if (subpath[i] == '/')
+		return 0;
+	while(subpath[i]) {
+		switch(subpath[i++]) {
+		case '.':
+			if (!subpath[i])
+				break;
+			if (subpath[i] == '/') {
+				i++;
+				break;
+			}
+			if (subpath[i++] == '.') {
+				if (!subpath[i]) {
+					l--;
+					break;
+				}
+				if (subpath[i++] == '/') {
+					l--;
+					break;
+				}
+			}
+		default:
+			while(subpath[i] && subpath[i] != '/')
+				i++;
+			l++;
+		case '/':
+			break;
+		}
+	}
+	return l >= 0;
+}
+
 int widget_has(const char *filename)
 {
+	if (!validsubpath(filename)) {
+		errno = EINVAL;
+		return -1;
+	}
 	return 0 == faccessat(rootfd, filename, F_OK, 0);
 }
 
 int widget_open_read(const char *filename)
 {
+	if (!validsubpath(filename)) {
+		errno = EINVAL;
+		return -1;
+	}
 	return openat(rootfd, filename, O_RDONLY);
 }
 
-- 
2.16.6