From ae8c2ce39010b8b167402822d5ae65182aed3216 Mon Sep 17 00:00:00 2001
From: Demi Marie Obenour <demi@invisiblethingslab.com>
Date: Thu, 25 Apr 2024 21:19:07 -0400
Subject: [PATCH] Better error message for forbidden symbolic links

The error message is not great, but at least it is not actively
misleading anymore.

Will fix QubesOS/qubes-issues#8581 once this is used by qfile-unpacker
and qfile-agent.

(cherry picked from commit 34172dfd7e6c9a67f57180996cd29c2b751e8103)
---
 qrexec-lib/pack.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/qrexec-lib/pack.c b/qrexec-lib/pack.c
index 5481e73d..1d7fa42c 100644
--- a/qrexec-lib/pack.c
+++ b/qrexec-lib/pack.c
@@ -107,6 +107,16 @@ void wait_for_result(void)
             case EINVAL:
                 call_error_handler("File copy: Corrupted data from packer%s\"%s\"", last_filename_prefix, last_filename);
                 break;
+            case EILSEQ:
+                call_error_handler("Forbidden character in file or link target. Name might look somewhat like \"%s\"", last_filename);
+                break;
+            case ENOLINK:
+                // FIXME: the protocol only provides the name of the file, not what it points to.
+                // FIXME: This assumes that a symlink target was rejected, not a path.  However,
+                // this code should only produces valid paths, so if an invalid path gets sent,
+                // that's a bug.
+                call_error_handler("Cannot verify that link at \"%s\" would not be broken by copy", last_filename);
+                break;
             case EDQUOT:
                 if (ignore_quota_error) {
                     /* skip also CRC check as sender and receiver might be