From: Bastien Nocera <hadess@xxxxxxxxxx> Instead of trying to do it by hand. This also makes sure that relative paths aren't used by the agent. [Emil Velikov] Originally this patch was posted in 2013, but deferred since bluez was planning to move away from glib. Presently there's no obvious action towards that goal, so I think we can safely land this. As mentioned by the author, current code allows for relative paths and considering that obexd service runs without meaningful sandboxing and on some distributions it is ran as root, we should plug the whole before anyone (ab)uses it. --- obexd/src/manager.c | 15 +++++---------- 1 file changed, 5 insertions(+), 10 deletions(-) diff --git a/obexd/src/manager.c b/obexd/src/manager.c index 73fd6b9af..cc1de7ae2 100644 --- a/obexd/src/manager.c +++ b/obexd/src/manager.c @@ -644,18 +644,13 @@ static void agent_reply(DBusPendingCall *call, void *user_data) DBUS_TYPE_STRING, &name, DBUS_TYPE_INVALID)) { /* Splits folder and name */ - const char *slash = strrchr(name, '/'); + gboolean is_relative = !g_path_is_absolute(name); DBG("Agent replied with %s", name); - if (!slash) { - agent->new_name = g_strdup(name); + agent->new_name = g_path_get_basename(name); + if (is_relative) agent->new_folder = NULL; - } else { - if (strlen(slash) == 1) - agent->new_name = NULL; - else - agent->new_name = g_strdup(slash + 1); - agent->new_folder = g_strndup(name, slash - name); - } + else + agent->new_folder = g_path_get_dirname(name); } dbus_message_unref(reply); -- 2.43.0