[Cc: -stable@, as obexd is not part of the Linux kernel]
Dear Chengyi,
Thank you for your patch.
Am 30.06.25 um 15:54 schrieb Chengyi Zhao:
For security reasons, it will reject the file when the obex
Could you please elaborate on the attack?
agent replies with any error message, and accept the file
when the obex agent replies with the new file name.
---
obexd/src/manager.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
Kind regards,
Paul
diff --git a/obexd/src/manager.c b/obexd/src/manager.c
index 5a6fd9b4b..cecf9f90a 100644
--- a/obexd/src/manager.c
+++ b/obexd/src/manager.c
@@ -658,6 +658,8 @@ static void agent_reply(DBusPendingCall *call, void *user_data)
agent->new_name = g_strdup(slash + 1);
agent->new_folder = g_strndup(name, slash - name);
}
+
+ agent->auth_reject = FALSE;
}
dbus_message_unref(reply);
@@ -703,7 +705,7 @@ int manager_request_authorization(struct obex_transfer *transfer,
dbus_message_unref(msg);
agent->auth_pending = TRUE;
- agent->auth_reject = FALSE;
+ agent->auth_reject = TRUE;
got_reply = FALSE;
/* Catches errors before authorization response comes */
