Better filename validation
authorChristian Thaeter <ct@pipapo.org>
Mon, 8 Oct 2007 10:43:22 +0000 (12:43 +0200)
committerChristian Thaeter <ct@pipapo.org>
Mon, 8 Oct 2007 10:43:22 +0000 (12:43 +0200)
rxpd.c
rxpd.h

diff --git a/rxpd.c b/rxpd.c
index 2fe7b77..61ab184 100644 (file)
--- a/rxpd.c
+++ b/rxpd.c
@@ -144,9 +144,8 @@ rxpd_file_new (struct rxpd_base* base, const char* filename)
   char buf[4096];
   struct rxpd_file* self = NULL;
 
-  // TODO better filenname validation / error handling
   if (!filename ||
-      strchr (filename, '/') ||
+      strcspn(filename, RXPD_FILE_ILG_CHARS) != strlen (filename) ||
       strlen (filename) + strlen (base->rulesdir) > 4097)
     return NULL;
 
@@ -540,11 +539,10 @@ rxpd_connection_parse_cmd (int fd, short event, void* ptr)
 
       if (!self->file)
         {
-          // todo create policy?
           self->file = rxpd_file_new (self->base, &line[i->sz]);
           if (!self->file)
             {
-              rxpd_buffer_printf (&self->out, "#ERROR: illegal rule\n");
+              rxpd_buffer_printf (&self->out, "#ERROR: illegal filename\n");
               rxpd_connection_delete (self);
               return;
             }
diff --git a/rxpd.h b/rxpd.h
index 7aca557..5fe0a1a 100644 (file)
--- a/rxpd.h
+++ b/rxpd.h
 enum rxpd_cmd_e {RXPD_COMMANDS};
 #undef RXPD_CMD
 
+/*
+ * characters which are absolutely not allowed in rule filenames
+ * for finer control use policies
+ */
+#define RXPD_FILE_ILG_CHARS "/: \t\n"
+
 struct rxpd_base;
 struct rxpd_file;
 struct rxpd_rule;
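Review bot: RXPD_FILE_ILG_CHARS is a denylist that leaves `\r` and every other control byte allowed, so a name sent with a CRLF line ending would presumably pass validation with the carriage return still attached (the line parsing is not visible here). Consider at least `#define RXPD_FILE_ILG_CHARS "/: \t\n\r"`, or invert the check into an allowlist using `strspn` over the characters rule filenames are expected to contain. The comment above the define could also state that names such as `.` and `..` cannot be excluded by a character set and must be rejected separately.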