Bugfix/validate-user-provided-file-object-paths (#1197)
* Fixed BACnet file object path name unintended path traversals by optionally restricting path name content with BACNET_FILE_PATH_RESTRICTED define. * Added POSIX file path name checking for AtomicReadFile and AtomicWriteFile example applications. Prohibits use of relative and absolute file paths when BACNET_FILE_PATH_RESTRICTED is non-zero.
This commit is contained in:
Steve Karg
@@ -167,6 +167,7 @@ target_sources(${PROJECT_NAME} PRIVATE
|
||||
${SRC_DIR}/bacnet/basic/sys/days.c
|
||||
${SRC_DIR}/bacnet/basic/sys/debug.c
|
||||
${SRC_DIR}/bacnet/basic/sys/fifo.c
|
||||
${SRC_DIR}/bacnet/basic/sys/filename.c
|
||||
${SRC_DIR}/bacnet/basic/sys/keylist.c
|
||||
${SRC_DIR}/bacnet/basic/sys/mstimer.c
|
||||
${SRC_DIR}/bacnet/access_rule.c
|
||||
|
||||
Reference in New Issue
Block a user