summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBarton E. Schaefer <schaefer@zsh.org>2015-09-19 23:03:39 -0700
committerBarton E. Schaefer <schaefer@zsh.org>2015-09-19 23:03:39 -0700
commit4375d7b905dca266c3a14bf603a908eb7c3dfbf2 (patch)
tree32f8457b5a3b626c039152f417e9bd2a91e710f0
parentdf0d86b847fbf5bd1ad383531cd52b261dc07717 (diff)
downloadzsh-4375d7b905dca266c3a14bf603a908eb7c3dfbf2.tar.gz
zsh-4375d7b905dca266c3a14bf603a908eb7c3dfbf2.zip
36562: sanitize $PWD on import, per POSIX
Diffstat
-rw-r--r--ChangeLog4
-rw-r--r--Src/utils.c20
2 files changed, 21 insertions, 3 deletions
diff --git a/ChangeLog b/ChangeLog
index bb03894a0..6d99ccd81 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+2015-09-19 Barton E. Schaefer <schaefer@zsh.org>
+
+ * 36562: Src/utils.c: sanitize $PWD on import, per POSIX
+
2015-09-19 Peter Stephenson <p.w.stephenson@ntlworld.com>
* 36559: Src/pattern.c: test earlier for overflow in pattern
diff --git a/Src/utils.c b/Src/utils.c
index 1de3d9578..ab3b0c274 100644
--- a/Src/utils.c
+++ b/Src/utils.c
@@ -692,9 +692,23 @@ ispwd(char *s)
{
struct stat sbuf, tbuf;
- if (stat(unmeta(s), &sbuf) == 0 && stat(".", &tbuf) == 0)
- if (sbuf.st_dev == tbuf.st_dev && sbuf.st_ino == tbuf.st_ino)
- return 1;
+ /* POSIX: environment PWD must be absolute */
+ if (*s != '/')
+ return 0;
+
+ if (stat((s = unmeta(s)), &sbuf) == 0 && stat(".", &tbuf) == 0)
+ if (sbuf.st_dev == tbuf.st_dev && sbuf.st_ino == tbuf.st_ino) {
+ /* POSIX: No element of $PWD may be "." or ".." */
+ while (*s) {
+ if (s[0] == '.' &&
+ (!s[1] || s[1] == '/' ||
+ (s[1] == '.' && (!s[2] || s[2] == '/'))))
+ break;
+ while (*s++ != '/' && *s)
+ continue;
+ }
+ return !*s;
+ }
return 0;
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-06-10 12:56:22 +0000