Backport of Win-specific suppression of potentially rogue construct that can engage am: a36a342ec9

Original change: https://googleplex-android-review.googlesource.com/c/platform/system/core/+/17585758 Change-Id: I7ef66b9834289defd54eab9dc096f67412dbae52 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-14 16:12:59 +00:00 · 2022-04-14 16:12:59 +00:00 · a9dd53c25f
commit a9dd53c25f
parent 36d6092946 a36a342ec9
1 changed files with 12 additions and 0 deletions
--- a/adb/client/file_sync_client.cpp
+++ b/adb/client/file_sync_client.cpp
@ -629,6 +629,18 @@ static bool sync_ls(SyncConnection& sc, const char* path,
        if (!ReadFdExactly(sc.fd, buf, len)) return false;
        buf[len] = 0;

+        // Address the unlikely scenario wherein a
+        // compromised device/service might be able to
+        // traverse across directories on the host. Let's
+        // shut that door!
+        if (strchr(buf, '/')
+#if defined(_WIN32)
+            || strchr(buf, '\\')
+#endif
+           ) {
+          return false;
+        }
+
        func(msg.dent.mode, msg.dent.size, msg.dent.time, buf);
    }
 }