Bugfix/validate-user-provided-file-object-paths (#1197)
* Fixed BACnet file object path name unintended path traversals by optionally restricting path name content with BACNET_FILE_PATH_RESTRICTED define. * Added POSIX file path name checking for AtomicReadFile and AtomicWriteFile example applications. Prohibits use of relative and absolute file paths when BACNET_FILE_PATH_RESTRICTED is non-zero.
This commit is contained in:
Steve Karg
@@ -9,6 +9,10 @@
|
||||
#define BACNET_SYS_FILENAME_H
|
||||
/* BACnet Stack defines - first */
|
||||
#include "bacnet/bacdef.h"
|
||||
/* standard includes */
|
||||
#include <stdbool.h>
|
||||
#include <stddef.h>
|
||||
#include <stdint.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
@@ -16,6 +20,8 @@ extern "C" {
|
||||
|
||||
BACNET_STACK_EXPORT
|
||||
const char *filename_remove_path(const char *filename_in);
|
||||
BACNET_STACK_EXPORT
|
||||
bool filename_path_valid(const char *pathname);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user