diff --git a/qrexec-lib/pack.c b/qrexec-lib/pack.c index 5481e73d..29a8ee0d 100644 --- a/qrexec-lib/pack.c +++ b/qrexec-lib/pack.c @@ -107,6 +107,18 @@ void wait_for_result(void) case EINVAL: call_error_handler("File copy: Corrupted data from packer%s\"%s\"", last_filename_prefix, last_filename); break; + case EILSEQ: + // FIXME: the sanitized filename is not useful here, but the unsanitized filename + // is dangerous (which is likely why it was rejected in the first place!). + call_error_handler("Forbidden character in file or link target"); + break; + case ENOLINK: + // FIXME: the protocol only provides the name of the file, not what it points to. + // FIXME: This assumes that a symlink target was rejected, not a path. However, + // this code should only produces valid paths, so if an invalid path gets sent, + // that's a bug. + call_error_handler("Cannot verify that link at \"%s\" would not be broken by copy", last_filename); + break; case EDQUOT: if (ignore_quota_error) { /* skip also CRC check as sender and receiver might be