diff options
| author | Aaron Ball <nullspoon@oper.io> | 2018-04-19 15:38:49 -0600 |
|---|---|---|
| committer | Aaron Ball <nullspoon@oper.io> | 2018-04-19 15:38:49 -0600 |
| commit | 3e57ef6ffb7f639bb4dee14c890311259a6cdb36 (patch) | |
| tree | f90b8583b004ca996beaefa04d13073b777c74bc | |
| parent | 141b8bd04495aa3688f876394afdf4ea887a4ddd (diff) | |
| download | gpgsecure-3e57ef6ffb7f639bb4dee14c890311259a6cdb36.tar.gz gpgsecure-3e57ef6ffb7f639bb4dee14c890311259a6cdb36.tar.xz | |
Added random temp path generation
This now calls mkdtemp to generate a random extraction path. This will
help secure the program, as well as preventing temp dir collisions when
running multiple instances simultaneously.
Added pathtoabs function which converts the specified path to its
absolute path equivelant. This function enables extraction into a temp
dir outside of the start working directory without invalidating relative
paths.
| -rw-r--r-- | c/src/main.c | 50 |
1 files changed, 45 insertions, 5 deletions
diff --git a/c/src/main.c b/c/src/main.c index 1c2aa16..341e6a4 100644 --- a/c/src/main.c +++ b/c/src/main.c @@ -18,13 +18,32 @@ #include <stdio.h> #include <stdlib.h> #include <string.h> +#include <unistd.h> +#include <libgen.h> // Provides basename and dirname #include "encarchive.h" +int pathtoabs(char* path, char* apath) { + char startdir[1024]; + getcwd(startdir, 1024); + + // Change dir to the parent directory + chdir(dirname(path)); + + getcwd(&apath[0], 2048); + strcat(apath, "/"); + strcat(apath, basename(path)); + + chdir(startdir); + return 0; +} + int main(int argc, char* argv[]) { - char* action; // Action to perform on the archive - char* archive; // Path to the archive to open. - char* tmp; // Temp (memory) path to extract into + char *action; // Action to perform on the archive + char *archive; // Path to the archive to open. + char archabs[2048]; + char *tmp; // Temp (memory) path to extract into + char tmptemplate[256] = "/tmp/gpgsecure.XXXXXX"; // Path template for tmp if(argc == 1) { printf("Archive action required (enum, extract)\n"); @@ -37,12 +56,33 @@ int main(int argc, char* argv[]) { } action = argv[1]; archive = argv[2]; - tmp = "/tmp/gpgsecure/"; if(strcmp(action, "enum") == 0) { return enc_archive_enum(archive); } else if(strcmp(action, "extract") == 0) { - return enc_archive_extract(archive, tmp); + // Convert archive path to absolute path + pathtoabs(archive, archabs); + + // Create temp dir for extraction + tmp = mkdtemp(tmptemplate); + + // Change to the temp dir for extraction + if(chdir(tmp) != 0) { + printf("An error occured switching to temp directory '%s'\n", tmp); + return 1; + } + + printf("Archive will be extracted to '%s'\n", tmp); + + // Extract + if(enc_archive_extract(archabs, tmp) == 0) { + + // printf("Cleaning up\n"); + //return rmdir(tmp); + return 0; + } + + return 1; } printf("Unknown action \"%s\"\n", action); |