do not adjust path when receiving an SFTP open file packet

wolfSSL · Oct 4, 2024 · 7ec124c · 7ec124c
1 parent ede6f8e
commit 7ec124c
Showing 1 changed file with 14 additions and 23 deletions.
diff --git a/src/wolfsftp.c b/src/wolfsftp.c
@@ -1684,27 +1684,13 @@ static int GetAndCleanPath(const char* defaultPath,
         const byte* data, word32 sz, char* s, word32 sSz)
 {
     char r[WOLFSSH_MAX_FILENAME];
-    int ret;
 
     if (sz >= sizeof r)
         return WS_BUFFER_E;
     WMEMCPY(r, data, sz);
     r[sz] = '\0';
 
-    ret = wolfSSH_RealPath(defaultPath, r, s, sSz);
-    if (ret == 0 && WOLFSSH_SFTP_IS_DELIM(data[sz-1])) {
-        int strSz;
-
-        strSz = (int)WSTRLEN(s);
-        if (strSz + 1 >= WOLFSSH_MAX_FILENAME) {
-            ret = WS_BUFFER_E;
-        }
-        else {
-            s[strSz] = WS_DELIM;
-            s[strSz+1] = '\0';
-        }
-    }
-    return ret;
+    return wolfSSH_RealPath(defaultPath, r, s, sSz);
 }
 
 
@@ -1992,7 +1978,7 @@ int wolfSSH_SFTP_RecvOpen(WOLFSSH* ssh, int reqId, byte* data, word32 maxSz)
     WS_SFTP_FILEATRB atr;
     WFD    fd;
     word32 sz;
-    char   dir[WOLFSSH_MAX_FILENAME];
+    char   dir[WOLFSSH_MAX_FILENAME+1]; /* +1 for null terminator */
     word32 reason;
     word32 idx = 0;
     int m = 0;
@@ -2027,11 +2013,13 @@ int wolfSSH_SFTP_RecvOpen(WOLFSSH* ssh, int reqId, byte* data, word32 maxSz)
         return WS_BUFFER_E;
     }
 
-    ret = GetAndCleanPath(ssh->sftpDefaultPath, data + idx, sz,
-            dir, sizeof(dir));
-    if (ret < 0) {
-        return ret;
+    /* copy file name directly for attempt to open */
+    if (sz >= WOLFSSH_MAX_FILENAME) {
+        WLOG(WS_LOG_SFTP, "File name is too large");
+        return WS_BUFFER_E;
     }
+    WMEMCPY(dir, data + idx, sz);
+    dir[sz] = '\0';
     idx += sz;
 
     /* get reason for opening file */
@@ -2146,7 +2134,7 @@ int wolfSSH_SFTP_RecvOpen(WOLFSSH* ssh, int reqId, byte* data, word32 maxSz)
 /*    WS_SFTP_FILEATRB atr;*/
     HANDLE fileHandle;
     word32 sz;
-    char   dir[WOLFSSH_MAX_FILENAME];
+    char   dir[WOLFSSH_MAX_FILENAME+1]; /* +1 for null terminator */
     word32 reason;
     word32 idx = 0;
     DWORD desiredAccess = 0;
@@ -2182,10 +2170,13 @@ int wolfSSH_SFTP_RecvOpen(WOLFSSH* ssh, int reqId, byte* data, word32 maxSz)
         return WS_BUFFER_E;
     }
 
-    if (GetAndCleanPath(ssh->sftpDefaultPath,
-                data + idx, sz, dir, sizeof(dir)) < 0) {
+    /* copy file name directly for attempt to open */
+    if (sz >= WOLFSSH_MAX_FILENAME) {
+        WLOG(WS_LOG_SFTP, "File name is too large");
         return WS_BUFFER_E;
     }
+    WMEMCPY(dir, data + idx, sz);
+    dir[sz] = '\0';
     idx += sz;
 
     /* get reason for opening file */