Commit a36a342e authored Apr 05, 2022 by Shaju Mathew Committed by Elliott Hughes Apr 05, 2022

Backport of Win-specific suppression of potentially rogue construct that can engage


in directory traversal on the host.

Bug:209438553

Ignore-AOSP-First: Resolution for potential security exploit.

Test: Synced just system/core, therefore relying on presubmits for now.
Will followup with a full-fledged sync and manual cursory test.

Signed-off-by: Shaju Mathew <shaju@google.com>
Change-Id: I993a00ce6130478b7becfdbea816c348824f319f
Merged-In: Ie1f82db2fb14e1bdd183bf8d3d93d5e9f974be5d

parent 0ed516e7

adb/client/file_sync_client.cpp

+12 −0

Original line number	Diff line number	Diff line
		@@ -629,6 +629,18 @@ static bool sync_ls(SyncConnection& sc, const char* path,
		if (!ReadFdExactly(sc.fd, buf, len)) return false;
		buf[len] = 0;

		// Address the unlikely scenario wherein a
		// compromised device/service might be able to
		// traverse across directories on the host. Let's
		// shut that door!
		if (strchr(buf, '/')
		#if defined(_WIN32)
		\|\| strchr(buf, '\\')
		#endif
		) {
		return false;
		}

		func(msg.dent.mode, msg.dent.size, msg.dent.time, buf);
		}
		}