fileapi: Restrict reply object file path lengths

Fixes: #23389
Stefan Wüthrich
2024-08-09 16:21:07 +02:00
parent 24a6891065
commit 1ae7497b6a
8 changed files with 46 additions and 2 deletions


@@ -200,7 +200,28 @@ std::string cmFileAPI::WriteJsonFile(
}
// Compute the final name for the file.
fileName = prefix + "-" + computeSuffix(tmpFile) + ".json";
std::string suffix = computeSuffix(tmpFile);
std::string suffixWithExtension = cmStrCat("-", suffix, ".json");
fileName = cmStrCat(prefix, suffixWithExtension);
// Truncate the file name length
// eCryptFS has a maximal file name length recommendation of 140
size_t const maxFileNameLength = 140;
size_t const fileNameLength = fileName.size();
if (fileNameLength > maxFileNameLength) {
size_t const newHashLength = 20;
size_t const newSuffixLength =
suffixWithExtension.size() - suffix.size() + newHashLength;
size_t const overLength =
fileNameLength - maxFileNameLength + newSuffixLength;
size_t const startPos = fileNameLength - overLength;
std::string const toBeRemoved = fileName.substr(startPos, overLength);
suffix = cmCryptoHash(cmCryptoHash::AlgoSHA256)
.HashString(toBeRemoved)
.substr(0, newHashLength);
suffixWithExtension = cmStrCat("-", suffix, ".json");
fileName.replace(startPos, overLength, suffixWithExtension);
}
// Create the destination.
std::string file = this->APIv1 + "/reply";
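Review bot: The truncation arithmetic around `overLength` is harder to audit than it needs to be: `startPos` always works out to `maxFileNameLength - newSuffixLength` (114 with the constants shown), and the unsigned subtractions are safe only because of the enclosing `fileNameLength > maxFileNameLength` guard. Computing the cut point directly makes that invariant visible: `size_t const startPos = maxFileNameLength - newSuffixLength;`, `std::string const toBeRemoved = fileName.substr(startPos);`, `fileName.replace(startPos, std::string::npos, suffixWithExtension);`. The cut is also byte-based, so if `prefix` can carry non-ASCII text (not visible in this hunk), the truncated name could contain a split UTF-8 sequence just before the hash; it is worth confirming which characters can reach `prefix`. The comment `// Truncate the file name length` could also say that the removed tail is replaced by a 20-character SHA-256 prefix so that shortened names stay distinct. `WriteJsonFile` starts and ends outside the hunk.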