From cbecc66cc120e0445b0cd0b88180ae90d5b421d5 Mon Sep 17 00:00:00 2001
From: Julian Rother <julianr@fsmpi.rwth-aachen.de>
Date: Tue, 5 Dec 2017 02:31:20 +0100
Subject: [PATCH] publish_video: Fixed path sanitizing

---
 publish_video.c  | 6 +++---
 util/buildpath.c | 4 ++--
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/publish_video.c b/publish_video.c
index dfad67b..4273662 100644
--- a/publish_video.c
+++ b/publish_video.c
@@ -15,11 +15,11 @@ int main(int argc, char *argv[])
 	jobid = atoi(argv[1]);
 	ping_job(jobid, "running", 0);
 	src = buildpath(getenv(WORKER_TMP), jstr(jlookup(argv[4], "source"), 0));
-	dest = buildpath(getenv(WORKER_RELEASED), jstr(jlookup(argv[4], "path"), 0));
-	destdir = dirname(mprintf("%s/%s", getenv(WORKER_RELEASED), jstr(jlookup(argv[4], "path"), "")));
-	overwrite_check(dest, 0, 0);
+	destdir = buildpath(getenv(WORKER_RELEASED), dirname(jstr(jlookup(argv[4], "path"), 0)));
 	if (mkdir(destdir, 02775) && errno != EEXIST)
 		job_failed("Could not create target directory \"%s\": %s", destdir, strerror(errno));
+	dest = buildpath(getenv(WORKER_RELEASED), jstr(jlookup(argv[4], "path"), 0));
+	overwrite_check(dest, 0, 0);
 	if (rename(src, dest))
 		job_failed("Overwriting target file failed: %s", strerror(errno));
 	ping_job(jobid, "finished", "{%s, \"log\": \"%s\"}",
diff --git a/util/buildpath.c b/util/buildpath.c
index 4057d18..3543e52 100644
--- a/util/buildpath.c
+++ b/util/buildpath.c
@@ -8,10 +8,10 @@ char *buildpath(char *root, char *path)
 	if (!path)
 		job_failed("Cannot build path: Value is empty");
 	if (!(root = realpath(root, 0)))
-		exit(99);
+		job_failed("Building path failed: %s", strerror(errno));
 	tmp = mprintf("%s/%s", root, path);
 	if (!(path = realpath(tmp, 0)))
-		exit(99);
+		job_failed("Building path failed: %s", strerror(errno));
 	free(tmp);
 	if (strncmp(root, path, strlen(root)))
 		job_failed("Cannot build path: Path points out of root directory");
-- 
GitLab