diff --git a/nfq2/helpers.c b/nfq2/helpers.c index 481c04b..b8d3655 100644 --- a/nfq2/helpers.c +++ b/nfq2/helpers.c @@ -9,9 +9,15 @@ #include #include #include +#include #include #include +#ifdef __CYGWIN__ +#include +#endif + + #define UNIQ_SORT \ { \ size_t i, j, u; \ @@ -670,6 +676,53 @@ bool set_env_exedir(const char *argv0) return bOK; } +// works for existing and new files +bool realpath_any(const char *file, char *pabs) +{ + bool b = true; + char *s1=NULL, *s2=NULL; + int res; + size_t l; + +#ifdef __CYGWIN__ + l = cygwin_conv_path(CCP_WIN_A_TO_POSIX | CCP_ABSOLUTE, file, NULL, 0); + char *rp_file = (char*)malloc(l); + if (cygwin_conv_path(CCP_WIN_A_TO_POSIX | CCP_ABSOLUTE, file, rp_file, l)) + goto err; +#else +#define rp_file file +#endif + + if (!realpath(rp_file,pabs)) + { + char pa[PATH_MAX], *dir, *base; + if (!(s1 = strdup(rp_file))) goto err; + dir = dirname(s1); + if (!realpath(dir,pa)) + goto err; + if (!(s2 = strdup(rp_file))) goto err; + base = basename(s2); + l = strlen(pa); + if (l && pa[l-1]=='/') + res=snprintf(pabs,PATH_MAX,"%s%s",pa, base); + else + res=snprintf(pabs,PATH_MAX,"%s/%s",pa,base); + b = res>0 && res= '0' && *p <= '9') diff --git a/nfq2/helpers.h b/nfq2/helpers.h index 2d29490..b64be89 100644 --- a/nfq2/helpers.h +++ b/nfq2/helpers.h @@ -106,6 +106,7 @@ void set_console_io_buffering(void); void close_std(void); void close_std_and_exit(int code); bool set_env_exedir(const char *argv0); +bool realpath_any(const char *file, char *pabs); bool parse_int16(const char *p, int16_t *v); diff --git a/nfq2/hostlist.c b/nfq2/hostlist.c index 8f5aaf6..ff0c0f1 100644 --- a/nfq2/hostlist.c +++ b/nfq2/hostlist.c @@ -280,13 +280,15 @@ bool HostlistCheck(const struct desync_profile *dp, const char *host, bool no_ma static struct hostlist_file *RegisterHostlist_(struct hostlist_files_head *hostlists, struct hostlist_collection_head *hl_collection, const char *filename) { struct hostlist_file *hfile; + char pabs[PATH_MAX]; if (filename) { - if (!(hfile=hostlist_files_search(hostlists, filename))) - if (!(hfile=hostlist_files_add(hostlists, filename))) + if (!realpath(filename,pabs)) return NULL; + if (!(hfile=hostlist_files_search(hostlists, pabs))) + if (!(hfile=hostlist_files_add(hostlists, pabs))) return NULL; - if (!hostlist_collection_search(hl_collection, filename)) + if (!hostlist_collection_search(hl_collection, pabs)) if (!hostlist_collection_add(hl_collection, hfile)) return NULL; } diff --git a/nfq2/ipset.c b/nfq2/ipset.c index ba1f23e..114db92 100644 --- a/nfq2/ipset.c +++ b/nfq2/ipset.c @@ -278,12 +278,15 @@ bool IpsetCheck( static struct ipset_file *RegisterIpset_(struct ipset_files_head *ipsets, struct ipset_collection_head *ips_collection, const char *filename) { struct ipset_file *hfile; + char pabs[PATH_MAX]; + if (filename) { - if (!(hfile=ipset_files_search(ipsets, filename))) - if (!(hfile=ipset_files_add(ipsets, filename))) + if (!realpath(filename,pabs)) return NULL; + if (!(hfile=ipset_files_search(ipsets, pabs))) + if (!(hfile=ipset_files_add(ipsets, pabs))) return NULL; - if (!ipset_collection_search(ips_collection, filename)) + if (!ipset_collection_search(ips_collection, pabs)) if (!ipset_collection_add(ips_collection, hfile)) return NULL; } diff --git a/nfq2/nfqws.c b/nfq2/nfqws.c index 77be67e..b0d0e92 100644 --- a/nfq2/nfqws.c +++ b/nfq2/nfqws.c @@ -2164,8 +2164,11 @@ int main(int argc, char **argv) { if (*optarg == '@') { - strncpy(params.debug_logfile, optarg + 1, sizeof(params.debug_logfile)); - params.debug_logfile[sizeof(params.debug_logfile) - 1] = 0; + if (!realpath_any(optarg+1,params.debug_logfile)) + { + DLOG_ERR("bad file '%s'\n",optarg+1); + exit_clean(1); + } FILE *F = fopen(params.debug_logfile, "wt"); if (!F) { @@ -2269,7 +2272,11 @@ int main(int argc, char **argv) } break; case IDX_PIDFILE: - snprintf(params.pidfile, sizeof(params.pidfile), "%s", optarg); + if (!realpath_any(optarg,params.pidfile)) + { + DLOG_ERR("bad file '%s'\n",optarg); + exit_clean(1); + } break; #ifndef __CYGWIN__ case IDX_USER: @@ -2373,8 +2380,11 @@ int main(int argc, char **argv) params.writeable_dir_enable = true; if (optarg) { - strncpy(params.writeable_dir, optarg, sizeof(params.writeable_dir)); - params.writeable_dir[sizeof(params.writeable_dir) - 1] = 0; + if (!realpath_any(optarg, params.writeable_dir)) + { + DLOG_ERR("bad file '%s'\n",optarg); + exit_clean(1); + } } else *params.writeable_dir = 0; @@ -2385,10 +2395,22 @@ int main(int argc, char **argv) break; case IDX_LUA_INIT: - if (!strlist_add_tail(¶ms.lua_init_scripts, optarg)) { - DLOG_ERR("out of memory\n"); - exit_clean(1); + char pabs[PATH_MAX+1], *p=optarg; + if (*p=='@') + { + if (!realpath_any(p+1,pabs+1)) + { + DLOG_ERR("bad file '%s'\n",p+1); + exit_clean(1); + } + *(p=pabs)='@'; + } + if (!strlist_add_tail(¶ms.lua_init_scripts, p)) + { + DLOG_ERR("out of memory\n"); + exit_clean(1); + } } break; case IDX_LUA_GC: @@ -2518,15 +2540,18 @@ int main(int argc, char **argv) break; case IDX_HOSTLIST_AUTO_DEBUG: { - FILE *F = fopen(optarg, "a+t"); + if (!realpath_any(optarg,params.hostlist_auto_debuglog)) + { + DLOG_ERR("bad file '%s'\n",optarg); + exit_clean(1); + } + FILE *F = fopen(params.hostlist_auto_debuglog, "a+t"); if (!F) { DLOG_ERR("cannot create %s\n", optarg); exit_clean(1); } fclose(F); - strncpy(params.hostlist_auto_debuglog, optarg, sizeof(params.hostlist_auto_debuglog)); - params.hostlist_auto_debuglog[sizeof(params.hostlist_auto_debuglog) - 1] = '\0'; } break;