]>
Commit | Line | Data |
---|---|---|
1e216f85 AM |
1 | diff -urN pure-ftpd-1.0.20.org/src/ftpd.c pure-ftpd-1.0.20/src/ftpd.c |
2 | --- pure-ftpd-1.0.20.org/src/ftpd.c 2004-07-17 15:28:22.000000000 +0200 | |
3 | +++ pure-ftpd-1.0.20/src/ftpd.c 2005-10-12 14:06:11.200877672 +0200 | |
4 | @@ -637,7 +637,7 @@ | |
5 | * with a dot are only allowed to root and to users | |
6 | * chroot()ed in their home directories -Jedi. */ | |
7 | ||
8 | -static int checknamesanity(const char *name, int dot_ok) | |
9 | +static int checknamesanity(const char *name, int dot_ok, int is_dele) | |
10 | { | |
11 | register const char *namepnt; | |
12 | ||
13 | @@ -667,7 +667,7 @@ | |
14 | return -1; /* .ftpquota => *NO* */ | |
15 | } | |
16 | #endif | |
17 | - if (strstr(namepnt, PUREFTPD_TMPFILE_PREFIX) != NULL) { | |
18 | + if ((!(is_dele && guest == 0)) && strstr(namepnt, PUREFTPD_TMPFILE_PREFIX) != NULL) { | |
19 | return -1; | |
20 | } | |
21 | while (*namepnt != 0) { | |
22 | @@ -1839,7 +1839,7 @@ | |
23 | } | |
24 | } | |
25 | } | |
26 | - if (checknamesanity(where, dot_read_ok) != 0) { | |
27 | + if (checknamesanity(where, dot_read_ok, 0) != 0) { | |
28 | addreply(550, MSG_SANITY_FILE_FAILURE, where); | |
29 | return; | |
30 | } | |
31 | @@ -2397,7 +2397,7 @@ | |
32 | addreply_noformat(501, MSG_NO_FILE_NAME); | |
33 | return; | |
34 | } | |
35 | - if (checknamesanity(name, dot_write_ok) != 0) { | |
36 | + if (checknamesanity(name, dot_write_ok, 0) != 0) { | |
37 | addreply(550, MSG_SANITY_FILE_FAILURE, name); | |
38 | return; | |
39 | } | |
40 | @@ -2453,7 +2453,7 @@ | |
41 | addreply_noformat(501, MSG_NO_FILE_NAME); | |
42 | return; | |
43 | } | |
44 | - if (checknamesanity(name, dot_write_ok) != 0) { | |
45 | + if (checknamesanity(name, dot_write_ok, 1) != 0) { | |
46 | addreply(550, MSG_SANITY_FILE_FAILURE, name); | |
47 | return; | |
48 | } | |
49 | @@ -2740,7 +2740,7 @@ | |
50 | goto end; | |
51 | } | |
52 | # endif | |
53 | - if (checknamesanity(name, dot_read_ok) != 0) { | |
54 | + if (checknamesanity(name, dot_read_ok, 0) != 0) { | |
55 | addreply(550, MSG_SANITY_FILE_FAILURE, name); | |
56 | goto end; | |
57 | } | |
58 | @@ -3227,7 +3227,7 @@ | |
59 | addreply_noformat(550, MSG_ANON_CANT_MKD); | |
60 | return; | |
61 | } | |
62 | - if (checknamesanity(name, dot_write_ok) != 0) { | |
63 | + if (checknamesanity(name, dot_write_ok, 0) != 0) { | |
64 | addreply_noformat(550, MSG_SANITY_DIRECTORY_FAILURE); | |
65 | return; | |
66 | } | |
67 | @@ -3265,7 +3265,7 @@ | |
68 | return; | |
69 | } | |
70 | #endif | |
71 | - if (checknamesanity(name, dot_write_ok) != 0) { | |
72 | + if (checknamesanity(name, dot_write_ok, 0) != 0) { | |
73 | addreply_noformat(550, MSG_SANITY_DIRECTORY_FAILURE); | |
74 | return; | |
75 | } | |
76 | @@ -3561,7 +3561,7 @@ | |
77 | } | |
78 | } | |
79 | cantcheckspace: | |
80 | - if (checknamesanity(name, dot_write_ok) != 0 || | |
81 | + if (checknamesanity(name, dot_write_ok, 0) != 0 || | |
82 | (atomic_file = get_atomic_file(name)) == NULL) { | |
83 | addreply(553, MSG_SANITY_FILE_FAILURE, name); | |
84 | /* implicit : atomic_file = NULL */ | |
85 | @@ -3968,7 +3968,7 @@ | |
86 | addreply_noformat(550, MSG_RENAME_FAILURE); | |
87 | return; | |
88 | } | |
89 | - if (checknamesanity(name, dot_write_ok) != 0) { | |
90 | + if (checknamesanity(name, dot_write_ok, 0) != 0) { | |
91 | addreply(550, MSG_SANITY_FILE_FAILURE, name); | |
92 | return; | |
93 | } | |
94 | @@ -3998,7 +3998,7 @@ | |
95 | addreply_noformat(503, MSG_RENAME_NORNFR); | |
96 | goto bye; | |
97 | } | |
98 | - if (checknamesanity(name, dot_write_ok) != 0) { | |
99 | + if (checknamesanity(name, dot_write_ok, 0) != 0) { | |
100 | addreply(550, MSG_SANITY_FILE_FAILURE, name); | |
101 | return; /* don't clear rnfrom buffer */ | |
102 | } |