| iMatix home page | << | < | > | >> |
SFL Version 2.11 |
#include "sflfile.h" Bool file_is_legal ( const char *arg_filename)
Checks whether the specified file is 'legal', which is a system-dependent definition. Under 32-bit Windows, a legal file is one who's name is not a shortened 8.3 version of a long name. This can be used to bypass filename-based security schemes. On other systems, the notion of 'illegal' is not defined. Returns TRUE if the file exists and is legal. Returns FALSE otherwise.
{ #if (defined (WIN32)) static WIN32_FIND_DATA found; HANDLE handle; char *filename, /* Our copy of arg_filename */ *slash, /* Position of '\' in filename */ *component; /* Component to compare */ Bool feedback; /* Function feedback */ /* For each path component of the filename, check that the long form * of the name is the same as the short form. We scan backwards * from the end of the filename, get the full pathname, and compare * the last component each time: * * aaa\bbb\ccc\name.ext name.ext * aaa\bbb\ccc ccc * aaa\bbb bbb * aaa aaa */ if (system_devicename (arg_filename)) return (FALSE); /* Not allowed on device names */ filename = mem_strdup (arg_filename); feedback = TRUE; /* Assume we match everything */ strconvch (filename, '/', '\\'); if (strlast (filename) == '\\') strlast (filename) = '\0'; /* Drop any trailing slash */ do { slash = strrchr (filename, '\\'); component = slash? slash + 1: filename; handle = FindFirstFile (filename, &found); if (handle != INVALID_HANDLE_VALUE && lexcmp (component, found.cFileName)) { feedback = FALSE; break; } FindClose (handle); if (slash) { *slash = '\0'; /* Cut filename at slash */ if (filename [1] == ':' && filename [2] == '\0') /* We're at a disk specifier */ break; /* which is okay by now */ } } while (slash && *filename); mem_free (filename); return (feedback); #else return (TRUE); /* On other OSes, all filenames are legal */ #endif }
| << | < | > | >> | Copyright © 1996-2000 iMatix Corporation |