

ref: 0f877570da31223a8243e6f594c68b8fa82d30c4
parent: b4146b0364b0e4a6bc1f3923262ac8b6e52c0ef8
author: Alex Musolino <alex@musolino.id.au>
date: Thu May 22 06:07:22 EDT 2025

paste.c: only use base paste of provided filenames

Previously leading .. in filenames would cause the paste
cgi program to write outside of the paste directory.

--- a/bin/paste.c
+++ b/bin/paste.c
@@ -421,7 +421,12 @@
 						if(cistrcmp(key, "filename") == 0){
 							if(strlen(val) > 0){
 								free(filename);
-								filename = smprint("%s/%s", dir, val);
+								filename = strrchr(val, '/');
+								if(filename == nil)
+									filename = val;
+								else
+									filename++;
+								filename = smprint("%s/%s", dir, filename);
 							}
 						}else if(cistrcmp(key, "name") == 0){
 							if(strcmp(val, "text") == 0)
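Review bot: The basename taken from `val` is joined to `dir` without being checked, so a value that is exactly `..` or `.`, or one ending in `/` (which leaves an empty basename), still produces `dir/..`, `dir/.` or `dir/` rather than a file inside the paste directory. A guard before the `smprint` call would close this, for example `if(*filename == '\0' || strcmp(filename, ".") == 0 || strcmp(filename, "..") == 0)`, with the rejecting branch setting `filename = nil` so it does not keep the pointer borrowed from `val`. How a rejected name should be reported depends on code outside this hunk, as the enclosing function starts and ends beyond it. Separately, `filename` holds a pointer into `val` between `free(filename)` and `smprint`, so a dedicated local such as `base` would make ownership clearer, and the `smprint` result is not checked for nil in the visible lines.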
--