From cabfa11c385acfe991013109e45a34fa9fe84759 Mon Sep 17 00:00:00 2001 From: Frank Bergkemper Date: Thu, 15 Jul 2021 18:14:50 +0200 Subject: [PATCH 1/2] webui: handle filenames containing backslashes properly Fixes #971: Error building tree for filenames with backslashes (cherry picked from commit 0df1caafed8428ad531a2b8a5a7b5a2e054d0f22) --- .../src/Restore/Controller/RestoreController.php | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/webui/module/Restore/src/Restore/Controller/RestoreController.php b/webui/module/Restore/src/Restore/Controller/RestoreController.php index 924337ce04b..44ae7194ddd 100644 --- a/webui/module/Restore/src/Restore/Controller/RestoreController.php +++ b/webui/module/Restore/src/Restore/Controller/RestoreController.php @@ -5,7 +5,7 @@ * bareos-webui - Bareos Web-Frontend * * @link https://github.com/bareos/bareos for the canonical source repository - * @copyright Copyright (c) 2013-2019 Bareos GmbH & Co. KG (http://www.bareos.org/) + * @copyright Copyright (c) 2013-2021 Bareos GmbH & Co. KG (http://www.bareos.org/) * @license GNU Affero General Public License (http://www.gnu.org/licenses/) * * This program is free software: you can redistribute it and/or modify @@ -539,6 +539,15 @@ private function updateBvfsCache() } } + private function escapeNameString($n=null) + { + $n = preg_replace('/[\x00-\x1F\x7F]/', '', $n); + $replace_pairs = array('"' => '\"', '\\' => '\\\\'); + $n = strtr($n, $replace_pairs); + + return $n; + } + /** * Builds a subtree as Json for JStree */ @@ -586,7 +595,7 @@ private function buildSubtree() --$dnum; $items .= '{'; $items .= '"id":"-' . $dir['pathid'] . '"'; - $items .= ',"text":"' . preg_replace('/[\x00-\x1F\x7F]/', '', str_replace('"', '\"', $dir["name"])) . '"'; + $items .= ',"text":"' . $this->escapeNameString($dir["name"]) . '"'; $items .= ',"icon":"glyphicon glyphicon-folder-close"'; $items .= ',"state":""'; $items .= ',"data":' . \Zend\Json\Json::encode($dir, \Zend\Json\Json::TYPE_OBJECT); @@ -606,7 +615,7 @@ private function buildSubtree() foreach($this->files as $file) { $items .= '{'; $items .= '"id":"' . $file["fileid"] . '"'; - $items .= ',"text":"' . preg_replace('/[\x00-\x1F\x7F]/', '', str_replace('"', '\"', $file["name"])) . '"'; + $items .= ',"text":"' . $this->escapeNameString($file["name"]) . '"'; $items .= ',"icon":"glyphicon glyphicon-file"'; $items .= ',"state":""'; $items .= ',"data":' . \Zend\Json\Json::encode($file, \Zend\Json\Json::TYPE_OBJECT); From 64692fd9e41de38a019885e012a31c1228a25fdd Mon Sep 17 00:00:00 2001 From: Frank Bergkemper Date: Thu, 15 Jul 2021 19:13:38 +0200 Subject: [PATCH 2/2] webui: quote restore command parameters Fixes #1020: Can not restore a client with spaces in its name (cherry picked from commit 52827c8b99db724d418736795f64f96af2b1c45a) --- webui/vendor/Bareos/library/Bareos/BSock/BareosBSock.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/webui/vendor/Bareos/library/Bareos/BSock/BareosBSock.php b/webui/vendor/Bareos/library/Bareos/BSock/BareosBSock.php index 5fa6ddedf5a..08fb5c706d9 100644 --- a/webui/vendor/Bareos/library/Bareos/BSock/BareosBSock.php +++ b/webui/vendor/Bareos/library/Bareos/BSock/BareosBSock.php @@ -964,7 +964,7 @@ public function restore($jobid=null, $client=null, $restoreclient=null, $restore $debug = self::receive_message(); } - if(self::send('restore file=?b2000'.$rnd.' client='.$client.' restoreclient='.$restoreclient.' restorejob="'.$restorejob.'" where='.$where.' replace='.$replace.' yes')) { + if(self::send('restore file=?b2000'.$rnd.' client="'.$client.'" restoreclient="'.$restoreclient.'" restorejob="'.$restorejob.'" where="'.$where.'" replace="'.$replace.'" yes')) { $result = self::receive_message(); }