tool_dirhie: fix to create drive-relative directory

Fix to create the top directory `foo` when specified as `X:foo\bar\filename`, on Windows and MS-DOS. Add test to verify. Caught by Codex Security Follow-up to 787ee935ac #16566 Closes #21449
2026-05-06 13:07:28 +03:00 · 2026-04-26 13:38:47 +02:00 · 2026-04-26 13:38:47 +02:00 · 13b6a6036c
commit 13b6a6036c
parent e2f84e6ba9
6 changed files with 133 additions and 7 deletions
--- a/src/tool_dirhie.c
+++ b/src/tool_dirhie.c
@ -26,7 +26,9 @@
 #include "tool_dirhie.h"
 #include "tool_msgs.h"

-#ifdef _WIN32
+#ifdef UNITTESTS
+#  define toolx_mkdir(x, y) create_dir_hierarchy_trace_mkdir(x)
+#elif defined(_WIN32)
 #  include <direct.h>
 #  define toolx_mkdir(x, y) _mkdir(x)
 #elif defined(MSDOS) && !defined(__DJGPP__)
@ -35,6 +37,22 @@
 #  define toolx_mkdir mkdir
 #endif

+#ifdef UNITTESTS
+static struct dynbuf mkdir_results;
+
+UNITTEST struct dynbuf *create_dir_hierarchy_trace_dynres(void)
+{
+  return &mkdir_results;
+}
+
+static int create_dir_hierarchy_trace_mkdir(const char *dir)
+{
+  return !dir ||
+    curlx_dyn_add(&mkdir_results, dir) ||
+    curlx_dyn_add(&mkdir_results, "|") ? -1 : 0;
+}
+#endif
+
 static void show_dir_errno(const char *name)
 {
  switch(errno) {
@ -105,12 +123,11 @@ CURLcode create_dir_hierarchy(const char *outfile)

 #if defined(_WIN32) || defined(MSDOS)
    if(!curlx_dyn_len(&dirbuf)) {
-      /* Skip creating a drive's current directory. It may seem as though that
-         would harmlessly fail but it could be a corner case if X: did not
-         exist, since we would be creating it erroneously. eg if outfile is
-         X:\foo\bar\filename then do not mkdir X: This logic takes into
+      /* Skip creating a standalone Windows/MS-DOS drive letter 'X:', e.g.
+         if outfile is X:\foo\bar\filename. Do create drive-relative
+         directories e.g. in outfile X:foo\bar\filename. This logic takes into
         account unsupported drives !:, 1:, etc. */
-      if(len > 1 && (outfile[1] == ':'))
+      if(len == 2 && (outfile[1] == ':'))
        skip = TRUE;
    }
 #endif
--- a/src/tool_dirhie.h
+++ b/src/tool_dirhie.h
@ -25,6 +25,10 @@
 ***************************************************************************/
 #include "tool_setup.h"

+#ifdef UNITTESTS
+UNITTEST struct dynbuf *create_dir_hierarchy_trace_dynres(void);
+#endif
+
 CURLcode create_dir_hierarchy(const char *outfile);

 #endif /* HEADER_CURL_TOOL_DIRHIE_H */
--- a/tests/data/Makefile.am
+++ b/tests/data/Makefile.am
@ -230,6 +230,7 @@ test1680 test1681 test1682 test1683 test1684 test1685 \
 \
 test1700 test1701 test1702 test1703 test1704 test1705 test1706 test1707 \
 test1708 test1709 test1710 test1711 test1712 test1713 test1714 test1715 \
+test1720 \
 \
 test1800 test1801 test1802 test1847 test1848 test1849 test1850 test1851 \
 \
--- a/tests/data/test1720
+++ b/tests/data/test1720
@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="US-ASCII"?>
+<testcase>
+<info>
+<keywords>
+unittest
+</keywords>
+</info>
+
+# Client-side
+<client>
+<features>
+unittest
+</features>
+<name>
+create_dir_hierarchy()
+</name>
+<tool>
+tool%TESTNUMBER
+</tool>
+</client>
+
+<verify>
+</verify>
+</testcase>
--- a/tests/tunit/Makefile.inc
+++ b/tests/tunit/Makefile.inc
@ -34,4 +34,5 @@ TESTS_C = \
  tool1604.c \
  tool1621.c \
  tool1622.c \
-  tool1623.c
+  tool1623.c \
+  tool1720.c
--- a/tests/tunit/tool1720.c
+++ b/tests/tunit/tool1720.c
@ -0,0 +1,79 @@
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ * SPDX-License-Identifier: curl
+ *
+ ***************************************************************************/
+#include "unitcheck.h"
+#include "tool_dirhie.h"
+
+static CURLcode test_tool1720(const char *arg)
+{
+  UNITTEST_BEGIN_SIMPLE
+
+  static const char *check[] = {
+    "",
+    "(null)",
+    "filename",
+    "(null)",
+    "foo/bar/",
+    "foo|foo/bar|",
+    "foo/bar/filename",
+    "foo|foo/bar|",
+    "/foo/bar/filename",
+    "/foo|/foo/bar|",
+#if defined(_WIN32) || defined(MSDOS)
+    "C:/foo/bar/filename",
+    "C:/foo|C:/foo/bar|",
+    "C:foo/bar/filename",
+    "C:foo|C:foo/bar|",
+    "foo\\bar\\filename",
+    "foo|foo\\bar|",
+    "\\foo\\bar\\filename",
+    "\\foo|\\foo\\bar|",
+    "C:\\foo\\bar\\filename",
+    "C:\\foo|C:\\foo\\bar|",
+    "C:foo\\bar\\filename",
+    "C:foo|C:foo\\bar|",
+#endif
+  };
+
+  size_t i;
+  struct dynbuf *res = create_dir_hierarchy_trace_dynres();
+
+  curlx_dyn_init(res, 256);
+
+  for(i = 0; i < CURL_ARRAYSIZE(check); i += 2) {
+    const char *actual;
+    curlx_dyn_reset(res);
+    create_dir_hierarchy(check[i]);
+    actual = curlx_dyn_ptr(res);
+    if(!actual)
+      actual = "(null)";
+    if(strcmp(check[i + 1], actual)) {
+      curl_mprintf("Expected '%s' got '%s'\n", check[i + 1], actual);
+      unitfail++;
+    }
+  }
+
+  curlx_dyn_free(res);
+
+  UNITTEST_END_SIMPLE
+}