Check image file nesting level

src/raspberrypi/rascsi.cpp

@@ -1250,6 +1250,7 @@ bool ParseArgument(int argc, char* argv[], int& port)
 					cerr << "Invalid image file scan depth " << optarg << endl;
 					return false;
 				}
+				rascsi_image.SetDepth(scan_depth);
 				continue;
 
 			case 'n':

src/raspberrypi/rascsi_image.cpp

@@ -44,6 +44,13 @@ RascsiImage::RascsiImage()
 	else {
 		default_image_folder = "/home/pi/images";
 	}
+
+	depth = 0;
+}
+
+bool RascsiImage::CheckDepth(const string& folder)
+{
+	return count(folder.begin(), folder.end(), '/') <= depth;
 }
 
 bool RascsiImage::CreateImageFolder(int fd, const string& filename)
@@ -122,6 +129,10 @@ bool RascsiImage::CreateImage(int fd, const PbCommand& command)
 		return ReturnStatus(fd, false, "Can't create image file: Missing image filename");
 	}
 
+	if (!CheckDepth(filename)) {
+		return ReturnStatus(fd, false, ("Invalid folder hierarchy depth '" + filename + "'").c_str());
+	}
+
 	string full_filename = default_image_folder + "/" + filename;
 	if (!IsValidDstFilename(full_filename)) {
 		return ReturnStatus(fd, false, "Can't create image file: '" + full_filename + "': File already exists");
@@ -186,6 +197,10 @@ bool RascsiImage::DeleteImage(int fd, const PbCommand& command)
 		return ReturnStatus(fd, false, "Missing image filename");
 	}
 
+	if (!CheckDepth(filename)) {
+		return ReturnStatus(fd, false, ("Invalid folder hierarchy depth '" + filename + "'").c_str());
+	}
+
 	string full_filename = default_image_folder + "/" + filename;
 
 	int id;
@@ -242,6 +257,14 @@ bool RascsiImage::RenameImage(int fd, const PbCommand& command)
 		return ReturnStatus(fd, false, "Can't rename image file '" + from + "': Missing destination filename");
 	}
 
+	if (!CheckDepth(from)) {
+		return ReturnStatus(fd, false, ("Invalid folder hierarchy depth '" + from + "'").c_str());
+	}
+
+	if (!CheckDepth(to)) {
+		return ReturnStatus(fd, false, ("Invalid folder hierarchy depth '" + to + "'").c_str());
+	}
+
 	to = default_image_folder + "/" + to;
 	if (!IsValidDstFilename(to)) {
 		return ReturnStatus(fd, false, "Can't rename image file '" + from + "' to '" + to + "': File already exists");
@@ -277,6 +300,14 @@ bool RascsiImage::CopyImage(int fd, const PbCommand& command)
 		return ReturnStatus(fd, false, "Can't copy image file '" + from + "': Missing destination filename");
 	}
 
+	if (!CheckDepth(from)) {
+		return ReturnStatus(fd, false, ("Invalid folder hierarchy depth '" + from + "'").c_str());
+	}
+
+	if (!CheckDepth(to)) {
+		return ReturnStatus(fd, false, ("Invalid folder hierarchy depth '" + to + "'").c_str());
+	}
+
 	to = default_image_folder + "/" + to;
 	if (!IsValidDstFilename(to)) {
 		return ReturnStatus(fd, false, "Can't copy image file '" + from + "' to '" + to + "': File already exists");
@@ -342,9 +373,11 @@ bool RascsiImage::SetImagePermissions(int fd, const PbCommand& command)
 	if (filename.empty()) {
 		return ReturnStatus(fd, false, "Missing image filename");
 	}
-	if (filename.find('/') != string::npos) {
+
-		return ReturnStatus(fd, false, "The image filename '" + filename + "' must not contain a path");
+	if (!CheckDepth(filename)) {
+		return ReturnStatus(fd, false, ("Invalid folder hierarchy depth '" + filename + "'").c_str());
 	}
+
 	filename = default_image_folder + "/" + filename;
 	if (!IsValidSrcFilename(filename)) {
 		return ReturnStatus(fd, false, "Can't modify image file '" + filename + "': Invalid name or type");

src/raspberrypi/rascsi_image.h

@@ -22,6 +22,8 @@ public:
 	RascsiImage();
 	~RascsiImage() {};
 
+	void SetDepth(int depth) { this->depth = depth; }
+	bool CheckDepth(const string&);
 	bool CreateImageFolder(int, const string&);
 	string GetDefaultImageFolder() const { return default_image_folder; }
 	string SetDefaultImageFolder(const string&);
@@ -36,4 +38,5 @@ public:
 private:
 
 	string default_image_folder;
+	int depth;
 };