Google Git
Sign in
coral / bluez-imx / 6b5d954ec76cb3c1c8bf69e8572ad147ca60cb1d
commit6b5d954ec76cb3c1c8bf69e8572ad147ca60cb1d[log] [tgz]
authorSlawomir Bochenski <lkslawek@gmail.com>Mon Aug 01 15:44:57 2011 +0200
committerMarcel Holtmann <marcel@holtmann.org>Tue Dec 04 22:48:41 2012 +0100
tree1e27461903a3fea32e48913a267ca7e2d28d2e6c
parent1729ca8692d99ab2c1a269aa79566300de78eb1b [diff]
obexd: Fix valid file name checks for FTP & OPP

Until now adversary could exploit OBEX Name header and perform any kind
of operations (listing, getting, putting) outside of given root by
putting path with ".." components inside this header.
4 files changed
tree: 1e27461903a3fea32e48913a267ca7e2d28d2e6c
  1. attrib/
  2. btio/
  3. doc/
  4. emulator/
  5. gdbus/
  6. gobex/
  7. lib/
  8. monitor/
  9. obexd/
  10. plugins/
  11. profiles/
  12. scripts/
  13. src/
  14. test/
  15. tools/
  16. unit/
  17. .gitignore
  18. .mailmap
  19. acinclude.m4
  20. AUTHORS
  21. bluez.pc.in
  22. bootstrap
  23. bootstrap-configure
  24. ChangeLog
  25. configure.ac
  26. COPYING
  27. COPYING.LIB
  28. INSTALL
  29. Makefile.am
  30. Makefile.tools
  31. NEWS
  32. README
  33. TODO