viveris / uMTP-Responder

Lightweight USB Media Transfer Protocol (MTP) responder daemon for GNU/Linux
GNU General Public License v3.0

creating and deleting ".." folder wipes storage #65

Closed OldManYellsAtCloud closed 2 years ago

OldManYellsAtCloud commented 2 years ago

Creating a folder with the name of ".." (without quotes), and then deleting it will delete the shared storage.

Reproduction:

  1. Connect the device to a Windows PC, and open the shared folder (could work in Linux/Mac also, not sure; haven't tried). Have some random files/folders in the storage.
  2. On the Windows machine, in the root folder of the MTP device create a directory called ".." (without quotes). This will create a folder called "New Folder".
  3. Delete the newly created folder in Windows.

Result: the whole content of storage is wiped, including the random files you created in step 1.

jfdelnero commented 2 years ago

Thanks for reporting/pointing out this security issue. Your scenario case is now fixed.

OldManYellsAtCloud commented 2 years ago

Thank you! Will be able to test it and close tomorrow.
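
The report above comes down to a host-supplied object name being used as a path component: on a POSIX filesystem `<storage root>/..` names the parent of the storage root, so a recursive delete of that path also covers the storage itself. The following is an added example of a name check that rejects such components before any path is built; it is not uMTP-Responder's code or the fix referenced in this issue. The function names, the `/srv/mtp_storage` root and the sample names are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Returns 1 if `name` may be used as a single path component, 0 otherwise.
 * `name` is the object name sent by the host and is untrusted. */
int is_safe_object_name(const char *name)
{
    if (name == NULL || name[0] == '\0')
        return 0;                       /* empty name */
    if (strcmp(name, ".") == 0 || strcmp(name, "..") == 0)
        return 0;                       /* would alias the parent or itself */
    if (strchr(name, '/') != NULL)
        return 0;                       /* more than one path component */
    return 1;
}

/* Writes "<parent>/<name>" to `out`. Returns 0 on success, -1 if the name is
 * rejected or the result does not fit in `outsz` bytes. */
int build_object_path(char *out, size_t outsz, const char *parent, const char *name)
{
    int n;

    if (!is_safe_object_name(name))
        return -1;
    n = snprintf(out, outsz, "%s/%s", parent, name);
    return (n < 0 || (size_t)n >= outsz) ? -1 : 0;
}

int main(void)
{
    /* Constructed sample names; the storage root is a hypothetical path. */
    const char *root = "/srv/mtp_storage";
    const char *names[] = { "photos", "..", ".", "a/../..", "", "..hidden" };
    char path[256];
    size_t i;

    for (i = 0; i < sizeof(names) / sizeof(names[0]); i++) {
        if (build_object_path(path, sizeof(path), root, names[i]) == 0)
            printf("accept  \"%s\" -> %s\n", names[i], path);
        else
            printf("reject  \"%s\"\n", names[i]);
    }
    return 0;
}
```

The check belongs at every operation that takes a name from the host (create, rename, move), so that no stored object can ever resolve outside its parent directory when it is later deleted.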