publish_video: Fixed path sanitizing

cbecc66c · Julian Rother · ca4d3423 · cbecc66c · cbecc66c
Commit cbecc66c authored 7 years ago by Julian Rother
--- a/publish_video.c
+++ b/publish_video.c
@@ -15,11 +15,11 @@ int main(int argc, char *argv[])
 	jobid = atoi(argv[1]);
 	ping_job(jobid, "running", 0);
 	src = buildpath(getenv(WORKER_TMP), jstr(jlookup(argv[4], "source"), 0));
-	dest = buildpath(getenv(WORKER_RELEASED), jstr(jlookup(argv[4], "path"), 0));
+	destdir = buildpath(getenv(WORKER_RELEASED), dirname(jstr(jlookup(argv[4], "path"), 0)));
-	destdir = dirname(mprintf("%s/%s", getenv(WORKER_RELEASED), jstr(jlookup(argv[4], "path"), "")));
-	overwrite_check(dest, 0, 0);
 	if (mkdir(destdir, 02775) && errno != EEXIST)
 		job_failed("Could not create target directory \"%s\": %s", destdir, strerror(errno));
+	dest = buildpath(getenv(WORKER_RELEASED), jstr(jlookup(argv[4], "path"), 0));
+	overwrite_check(dest, 0, 0);
 	if (rename(src, dest))
 		job_failed("Overwriting target file failed: %s", strerror(errno));
 	ping_job(jobid, "finished", "{%s, \"log\": \"%s\"}",

--- a/util/buildpath.c
+++ b/util/buildpath.c
@@ -8,10 +8,10 @@ char *buildpath(char *root, char *path)
 	if (!path)
 		job_failed("Cannot build path: Value is empty");
 	if (!(root = realpath(root, 0)))
-		exit(99);
+		job_failed("Building path failed: %s", strerror(errno));
 	tmp = mprintf("%s/%s", root, path);
 	if (!(path = realpath(tmp, 0)))
-		exit(99);
+		job_failed("Building path failed: %s", strerror(errno));
 	free(tmp);
 	if (strncmp(root, path, strlen(root)))
 		job_failed("Cannot build path: Path points out of root directory");