WebDAV already sanitizes server-supplied names, but SFTP passed entry.name
through unfiltered, and the engine had no central guard — a malicious or
compromised remote could return '../../x' and (on the JavaFile backend) write
outside the sync root.
- SyncEngine: isUnsafeSyncPath() rejects empty, absolute, and any '..'-segment
path; every file is checked before any read/write/delete (covers all providers).
- SftpProvider.listFiles: drop '.'/'..' and names containing path separators.
- PathSafetyTest covers traversal, backslash, absolute, and empty cases.
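
A sketch of the kind of central guard this commit message describes, as an added example that is not the project's code. Only the name `isUnsafeSyncPath` comes from the message; its body, the drive-letter check, `isSafeEntryName`, `resolveUnderRoot` and the sample paths are assumptions for illustration, and the canonical containment check is an extra layer the message does not mention.

```java
import java.io.File;
import java.io.IOException;
// Added illustration: everything except the name isUnsafeSyncPath is hypothetical.
public class PathSafetyExample {
    // Central guard: rejects empty, absolute, and any '..'-segment path.
    static boolean isUnsafeSyncPath(String path) {
        if (path == null || path.isEmpty()) return true;
        String p = path.replace('\\', '/');      // treat backslash as a separator too
        if (p.startsWith("/")) return true;       // absolute path
        if (p.length() >= 2 && Character.isLetter(p.charAt(0)) && p.charAt(1) == ':') return true; // drive letter (assumption)
        for (String seg : p.split("/", -1)) {
            if (seg.equals("..")) return true;    // '..' as a whole segment, not as a substring
        }
        return false;
    }

    // Per-entry filter for a directory listing: a name must be exactly one path segment.
    static boolean isSafeEntryName(String name) {
        return name != null && !name.isEmpty()
                && !name.equals(".") && !name.equals("..")
                && name.indexOf('/') < 0 && name.indexOf('\\') < 0;
    }

    // Resolves a remote-supplied relative path under the sync root; the canonical check is a second layer.
    static File resolveUnderRoot(File root, String remotePath) throws IOException {
        if (isUnsafeSyncPath(remotePath)) {
            throw new SecurityException("unsafe sync path rejected: '" + remotePath + "'");
        }
        File canonicalRoot = root.getCanonicalFile();
        File target = new File(canonicalRoot, remotePath).getCanonicalFile();
        if (!target.toPath().startsWith(canonicalRoot.toPath())) {
            throw new SecurityException("path escapes sync root: '" + remotePath + "'");
        }
        return target;
    }

    public static void main(String[] args) throws IOException {
        File root = new File(System.getProperty("java.io.tmpdir"), "sync-root-example");
        // Constructed sample paths, mirroring the traversal, backslash, absolute and empty cases.
        String[] samples = {"docs/report.txt", "notes..txt", "../../x", "..\\..\\x", "/abs/x", "", "a/../b"};
        for (String s : samples) {
            try {
                System.out.println("OK      " + resolveUnderRoot(root, s));
            } catch (SecurityException e) {
                System.out.println("REJECT  " + e.getMessage());
            }
        }
    }
}
```

The guard works on the string alone, so it also protects backends that never touch `java.io.File`; the canonical comparison additionally catches escapes through symlinks that already exist under the root.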