Nebula 1

home *** CD-ROM | disk | FTP | other *** search

/ Nebula 1 / Nebula One.iso / Mail / pine3.92 / pine / osdep / fltrname < prev next >

Wrap

Text File | 1995-12-11 | 3.9 KB | 145 lines

/*---------------------------------------------------------------------- Filter file names for strange characters Args: file -- the file name to check Result: Returns NULL if file name is OK Returns formatted error message if it is not ----*/ char * filter_filename(file) char *file; { #ifdef ALLOW_WEIRD static char illegal[] = {'\177', '\0'}; #else static char illegal[] = {'"', '#', '$', '%', '&', '\'','(', ')','*', ',', ':', ';', '<', '=', '>', '?', '[', ']', '\\', '^', '|', '\177', '\0'}; #endif static char error[100]; char ill_file[MAXPATH+1], *ill_char, *ptr, e2[10]; int i; for(ptr = file; *ptr == ' '; ptr++) ; /* leading spaces gone */ while(*ptr && *ptr > ' ' && strindex(illegal, *ptr) == 0) ptr++; if(*ptr != '\0') { if(*ptr == ' ') { ill_char = "<space>"; } else if(*ptr == '\n') { ill_char = "<newline>"; } else if(*ptr == '\r') { ill_char = "<carriage return>"; } else if(*ptr == '\t') { ill_char = "<tab>"; } else if(*ptr < ' ') { sprintf(e2, "control-%c", *ptr + '@'); ill_char = e2; } else if (*ptr == '\177') { ill_char = "<del>"; } else { e2[0] = *ptr; e2[1] = '\0'; ill_char = e2; } if(ptr != file) { strncpy(ill_file, file, ptr - file); ill_file[ptr - file] = '\0'; sprintf(error, "Character \"%s\" after \"%s\" not allowed in file name", ill_char, ill_file); } else { sprintf(error, "First character, \"%s\", not allowed in file name", ill_char); } return(error); } if((i=is_writable_dir(file)) == 0 || i == 1){ sprintf(error, "\"%s\" is a directory", file); return(error); } if(ps_global->restricted || ps_global->VAR_OPER_DIR){ for(ptr = file; *ptr == ' '; ptr++) ; /* leading spaces gone */ if((ptr[0] == '.' && ptr[1] == '.') || srchstr(ptr, "/../")){ sprintf(error, "\"..\" not allowed in filename"); return(error); } } return((char *)NULL); } /*---------------------------------------------------------------------- Check to see if user is allowed to read or write this folder. Args: s -- the name to check Result: Returns 1 if OK Returns 0 and posts an error message if access is denied ----*/ int cntxt_allowed(s) char *s; { struct variable *vars = ps_global->vars; int retval = 1; MAILSTREAM stream; /* fake stream for error message in mm_notify */ if(ps_global->restricted && (strindex("./~", s[0]) || srchstr(s, "/../"))){ stream.mailbox = s; mm_notify(&stream, "Restricted mode doesn't allow operation", WARN); retval = 0; } else if(VAR_OPER_DIR && s[0] != '{' && !(s[0] == '*' && s[1] == '{') && strucmp(s,ps_global->inbox_name) != 0 && strcmp(s, ps_global->VAR_INBOX_PATH) != 0){ char *p, *free_this = NULL; p = s; if(strindex(s, '~')){ p = strindex(s, '~'); free_this = (char *)fs_get(strlen(p) + 200); strcpy(free_this, p); fnexpand(free_this, strlen(p)+200); p = free_this; } else if(p[0] != '/'){ /* add home dir to relative paths */ free_this = p = (char *)fs_get(strlen(s) + strlen(ps_global->home_dir) + 2); build_path(p, ps_global->home_dir, s); } if(!in_dir(VAR_OPER_DIR, p)){ char err[200]; sprintf(err, "Not allowed outside of %s", VAR_OPER_DIR); stream.mailbox = p; mm_notify(&stream, err, WARN); retval = 0; } else if(srchstr(p, "/../")){ /* check for .. in path */ stream.mailbox = p; mm_notify(&stream, "\"..\" not allowed in name", WARN); retval = 0; } if(free_this) fs_give((void **)&free_this); } return retval; }