commit | d5c113198ebe887f0b99062ca05a65dffa4d73a4 | [log] [tgz] |
---|---|---|
author | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | Tue Jun 07 01:24:12 2022 +0000 |
committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | Tue Jun 07 01:24:12 2022 +0000 |
tree | 902f30bb0a4da19dc9509bba566eafcf74850473 | |
parent | 1c56e3a9b6cea6a4d3faaa278b848f233c87f359 [diff] | |
parent | cef637a4fb112f4b8cd8e53abcbedbaca226ea36 [diff] |
Merge cherrypicks of [17605899] into rvc-platform-release. am: cef637a4fb Original change: https://googleplex-android-review.googlesource.com/c/platform/system/core/+/17844779 Change-Id: Ia9798976e61df61692416ab134f47efff07b06f4 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
diff --git a/adb/client/file_sync_client.cpp b/adb/client/file_sync_client.cpp index e686973..3374812 100644 --- a/adb/client/file_sync_client.cpp +++ b/adb/client/file_sync_client.cpp
@@ -477,6 +477,17 @@ if (!ReadFdExactly(fd, buf, len)) return false; buf[len] = 0; + // Address the unlikely scenario wherein a + // compromised device/service might be able to + // traverse across directories on the host. Let's + // shut that door! + if (strchr(buf, '/') +#if defined(_WIN32) + || strchr(buf, '\\') +#endif + ) { + return false; + } callback(dent.mode, dent.size, dent.mtime, buf); } }