diff --git a/qrexec-lib/unpack.c b/qrexec-lib/unpack.c
index b3c3f456..3aa363c9 100644
--- a/qrexec-lib/unpack.c
+++ b/qrexec-lib/unpack.c
@@ -204,7 +204,7 @@ void process_one_file_reg(struct file_header *untrusted_hdr,
 const char *last_segment;
 char *path_dup;
- if (!qubes_pure_validate_file_name((uint8_t *)untrusted_name))
+ if (!qubes_pure_validate_file_name((const uint8_t *)untrusted_name))
 do_exit(EILSEQ, untrusted_name); /* FIXME: better error message */
 if ((path_dup = strdup(untrusted_name)) == NULL)
 do_exit(ENOMEM, untrusted_name);
@@ -266,7 +266,7 @@ void process_one_file_dir(struct file_header *untrusted_hdr,
 int safe_dirfd;
 const char *last_segment;
 char *path_dup;
- if (!qubes_pure_validate_file_name((uint8_t *)untrusted_name))
+ if (!qubes_pure_validate_file_name((const uint8_t *)untrusted_name))
 do_exit(EILSEQ, untrusted_name); /* FIXME: better error message */
 if ((path_dup = strdup(untrusted_name)) == NULL)
 do_exit(ENOMEM, untrusted_name);
@@ -298,7 +298,7 @@ void process_one_file_link(struct file_header *untrusted_hdr,
 const char *last_segment;
 char *path_dup;
 unsigned int filelen;
- if (!qubes_pure_validate_file_name((uint8_t *)untrusted_name))
+ if (!qubes_pure_validate_file_name((const uint8_t *)untrusted_name))
 do_exit(EILSEQ, untrusted_name); /* FIXME: better error message */
 int safe_dirfd;
 if (untrusted_hdr->filelen > MAX_PATH_LENGTH - 1)
@@ -315,8 +315,8 @@ void process_one_file_link(struct file_header *untrusted_hdr,
 * Ensure that no immediate subdirectory of ~/QubesIncoming/VMNAME
 * may have symlinks that point out of it.
 */
- if (!qubes_pure_validate_symbolic_link((uint8_t *)untrusted_name,
- (uint8_t *)untrusted_content))
+ if (!qubes_pure_validate_symbolic_link((const uint8_t *)untrusted_name,
+ (const uint8_t *)untrusted_content))
 do_exit(EILSEQ, untrusted_content);
 if ((path_dup = strdup(untrusted_name)) == NULL)
diff --git a/qrexec-lib/validator-test.c b/qrexec-lib/validator-test.c
index 614ce083..f170bf27 100644
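Review bot: In qrexec-lib/unpack.c, process_one_file_reg still hands the name that just failed validation to `do_exit(EILSEQ, untrusted_name)` on the line after the changed cast. The same pattern follows the casts in process_one_file_dir and process_one_file_link, and `do_exit(EILSEQ, untrusted_content)` follows the symlink check. do_exit is not visible in this diff; if it writes its second argument to a log, terminal or reply message, a string that was rejected precisely because it is malformed would reach that output, so it is worth confirming that do_exit escapes or bounds it before the FIXME is closed. A comment at each call such as `/* name failed validation: do_exit must not emit it verbatim */` would record that expectation. All three function bodies start and end outside their hunks.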
--- a/qrexec-lib/validator-test.c
+++ b/qrexec-lib/validator-test.c
@@ -70,34 +70,34 @@ int main(int argc, char **argv) { (void)argc; (void)argv; - assert(qubes_pure_validate_file_name((uint8_t *)u8"simple_safe_filename.txt")); + assert(qubes_pure_validate_file_name((const uint8_t *)u8"simple_safe_filename.txt")); // Directory traversal checks - assert(!qubes_pure_validate_file_name((uint8_t *)"..")); - assert(!qubes_pure_validate_file_name((uint8_t *)"../..")); - assert(!qubes_pure_validate_file_name((uint8_t *)"a/..")); - assert(!qubes_pure_validate_file_name((uint8_t *)"a/../b")); - assert(!qubes_pure_validate_file_name((uint8_t *)"/")); - assert(!qubes_pure_validate_file_name((uint8_t *)"//")); - assert(!qubes_pure_validate_file_name((uint8_t *)"///")); - assert(!qubes_pure_validate_file_name((uint8_t *)"/a")); - assert(!qubes_pure_validate_file_name((uint8_t *)"//a")); - assert(!qubes_pure_validate_file_name((uint8_t *)"///a")); + assert(!qubes_pure_validate_file_name((const uint8_t *)"..")); + assert(!qubes_pure_validate_file_name((const uint8_t *)"../..")); + assert(!qubes_pure_validate_file_name((const uint8_t *)"a/..")); + assert(!qubes_pure_validate_file_name((const uint8_t *)"a/../b")); + assert(!qubes_pure_validate_file_name((const uint8_t *)"/")); + assert(!qubes_pure_validate_file_name((const uint8_t *)"//")); + assert(!qubes_pure_validate_file_name((const uint8_t *)"///")); + assert(!qubes_pure_validate_file_name((const uint8_t *)"/a")); + assert(!qubes_pure_validate_file_name((const uint8_t *)"//a")); + assert(!qubes_pure_validate_file_name((const uint8_t *)"///a")); // No repeated slashes - assert(!qubes_pure_validate_file_name((uint8_t *)"a//b")); + assert(!qubes_pure_validate_file_name((const uint8_t *)"a//b")); // No "." 
as a path component - assert(!qubes_pure_validate_file_name((uint8_t *)".")); - assert(!qubes_pure_validate_file_name((uint8_t *)"a/.")); - assert(!qubes_pure_validate_file_name((uint8_t *)"./a")); - assert(!qubes_pure_validate_file_name((uint8_t *)"a/./a")); + assert(!qubes_pure_validate_file_name((const uint8_t *)".")); + assert(!qubes_pure_validate_file_name((const uint8_t *)"a/.")); + assert(!qubes_pure_validate_file_name((const uint8_t *)"./a")); + assert(!qubes_pure_validate_file_name((const uint8_t *)"a/./a")); // No ".." as a path component - assert(!qubes_pure_validate_file_name((uint8_t *)"..")); - assert(!qubes_pure_validate_file_name((uint8_t *)"a/..")); - assert(!qubes_pure_validate_file_name((uint8_t *)"../a")); - assert(!qubes_pure_validate_file_name((uint8_t *)"a/../a")); + assert(!qubes_pure_validate_file_name((const uint8_t *)"..")); + assert(!qubes_pure_validate_file_name((const uint8_t *)"a/..")); + assert(!qubes_pure_validate_file_name((const uint8_t *)"../a")); + assert(!qubes_pure_validate_file_name((const uint8_t *)"a/../a")); // Looks like "." or ".." but is not assert(qubes_pure_validate_file_name((const uint8_t *)".a"));