authorLouis Burda <quent.burda@gmail.com>2021-07-08 12:22:05 +0200
committerLouis Burda <quent.burda@gmail.com>2021-07-08 12:22:05 +0200
commit4dbe86d40037375ca873d368da5ca0c080e40afd (patch)
treeaddd93bda4e9996a0df09838ab7b1164a52934dd /service
parent560218f16b0d4741364a426809fe5b99a9d8ee48 (diff)
add authorization check to list as well so that second exploit cant be used for first flagstore
Diffstat (limited to 'service')
-rw-r--r--service/src/main.c10
1 files changed, 9 insertions, 1 deletions
diff --git a/service/src/main.c b/service/src/main.c
index 4b2786d..d84a460 100644
--- a/service/src/main.c
+++ b/service/src/main.c
@@ -78,6 +78,12 @@ unlockfile(FILE **f)
}
int
+authorized(char prefix)
+{
+ return ((prefix == '.') == (loggedin > 0));
+}
+
+int
save_submission(struct parseinfo *info, char *stldata, int stlsize)
{
char *dirpath = NULL, *infopath = NULL, *modeldir = NULL,
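Review bot: `authorized()` is added without a comment, and its name promises more than the body checks: it only compares "entry name starts with '.'" against "`loggedin` is positive", reading a global declared outside this hunk. As far as the visible lines show, a logged-in session passes for every dot-prefixed entry and an anonymous one for every other entry, so any per-owner scoping has to happen elsewhere; that dependency should be stated where the helper is defined. I would add above it `/* Visibility filter only: names starting with '.' are private and shown only when logged in, all others only when not. Does not check ownership. */`. If nothing outside main.c calls the helper, declare it `static int`.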
@@ -314,7 +320,7 @@ search_cmd(const char *arg)
while ((c = fgetc(f)) > 0) {
if (c == '\n') {
matchlen = 0;
- } else if (!matchlen && (c == '.') != loggedin) {
+ } else if (!matchlen && !authorized(c)) {
matchlen = -1;
} else if (matchlen >= 0 && c == filename[matchlen]) {
matchlen += 1;
@@ -380,6 +386,8 @@ list_cmd(const char *arg)
if (*buf && buf[strlen(buf)-1] == '\n')
buf[strlen(buf)-1] = '\0';
+ if (!authorized(*buf)) continue;
+
printf(">> %s\n", buf);
path = aprintf("%s/%s/info", resultdir, buf);
if ((fn = fopen(path, "r")) && load_info(&info, fn) == OK) {
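Review bot: The new guard in `list_cmd` tests `*buf` right after the trailing newline is stripped, so an empty line gives `authorized('\0')`, which is true for an anonymous session. The loop then still prints `>> ` and opens `resultdir//info`. If the index can contain blank lines, the guard should reject them too: `if (!*buf || !authorized(*buf)) continue;`. Only the first byte is checked before `buf` is interpolated into the `"%s/%s/info"` path, so the remainder of the name is trusted to be a plain directory name; whether that is enforced where the index is written is not visible here. The loop header and the code that fills `buf` lie outside the hunk.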