SFLVersion 2.11 |
#include "sflfile.h"
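/*  file_is_legal
 *
 *  Checks whether the specified file is 'legal', which is a system-dependent
 *  definition.  Under 32-bit Windows, a legal file is one whose name is not
 *  a shortened 8.3 version of a long name.  Such short names can be used to
 *  bypass filename-based security schemes, since the same file is reachable
 *  under a second name that the scheme never compares against.  On other
 *  systems, the notion of 'illegal' is not defined.
 *
 *  Returns TRUE if the file exists and is legal.  Returns FALSE otherwise.
 *
 *  NOTE(review): as written, a path component that FindFirstFile cannot
 *  find is skipped rather than rejected, so a name that does not exist is
 *  reported as TRUE (unless system_devicename rejects it).  Callers that
 *  rely on the "exists" part of the contract should test existence
 *  separately.  The check also applies only to the name passed in, at the
 *  time of the call; it says nothing about what that name refers to when
 *  the caller later opens it.
 */
Bool
file_is_legal (
    const char *arg_filename)
{
#if (defined (WIN32))
    WIN32_FIND_DATA
        found;                          /*  Automatic, not static, so calls  */
                                        /*    do not share one buffer        */
    HANDLE
        handle;
    char
        *filename,                      /*  Our copy of arg_filename         */
        *slash,                         /*  Position of '\' in filename      */
        *component;                     /*  Component to compare             */
    Bool
        feedback;                       /*  Function feedback                */
    int
        mismatch;                       /*  Result of the name comparison    */

    /*  For each path component of the filename, check that the long form
     *  of the name is the same as the short form.  We scan backwards
     *  from the end of the filename, get the full pathname, and compare
     *  the last component each time:
     *
     *      aaa\bbb\ccc\name.ext    name.ext
     *      aaa\bbb\ccc             ccc
     *      aaa\bbb                 bbb
     *      aaa                     aaa
     */
    if (arg_filename == NULL)
        return (FALSE);                 /*  No name: fail closed             */

    if (system_devicename (arg_filename))
        return (FALSE);                 /*  Not allowed on device names      */

    filename = mem_strdup (arg_filename);
    if (filename == NULL)
        return (FALSE);                 /*  Could not copy name: fail closed */

    feedback = TRUE;                    /*  Assume we match everything       */
    strconvch (filename, '/', '\\');

    /*  strlast is used as an lvalue for the final character, so it must
     *  not be applied to an empty string.
     */
    if (*filename && strlast (filename) == '\\')
        strlast (filename) = '\0';      /*  Drop any trailing slash          */

    do
      {
        slash     = strrchr (filename, '\\');
        component = slash? slash + 1: filename;
        handle    = FindFirstFile (filename, &found);
        if (handle != INVALID_HANDLE_VALUE)
          {
            /*  Compare first, then close the search handle on every path;
             *  the original left it open when it found a mismatch, and
             *  passed INVALID_HANDLE_VALUE to FindClose when the lookup
             *  failed.
             */
            mismatch = lexcmp (component, found.cFileName);
            FindClose (handle);
            if (mismatch)
              {
                feedback = FALSE;       /*  Name given is not the long name  */
                break;
              }
          }
        if (slash)
          {
            *slash = '\0';              /*  Cut filename at slash            */
            if (filename [1] == ':'
            &&  filename [2] == '\0')   /*  We're at a disk specifier        */
                break;                  /*    which is okay by now           */
          }
      }
    while (slash && *filename);

    mem_free (filename);
    return (feedback);
#else
    return (TRUE);                      /*  On other OSes, all filenames are legal  */
#endif
}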