1 files changed, 39 insertions, 4 deletions
diff --git a/src/firejail/main.c b/src/firejail/main.c
index e171919d1..3afecbe62 100644
--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -536,9 +536,44 @@ static void run_cmd_and_exit(int i, int argc, char **argv) {
                        // get file
                        pid_t pid;
                        if (read_pid(argv[i] + 6, &pid) == 0)           
-                                sandboxfs(SANDBOX_FS_GET, pid, path);
+                                sandboxfs(SANDBOX_FS_GET, pid, path, NULL);
                        else
-                                sandboxfs_name(SANDBOX_FS_GET, argv[i] + 6, path);
+                                sandboxfs_name(SANDBOX_FS_GET, argv[i] + 6, path, NULL);
+                        exit(0);
+                }
+                else {
+                        fprintf(stderr, "Error: --get feature is disabled in Firejail configuration file\n");
+                        exit(1);
+                }
+        }
+        else if (strncmp(argv[i], "--put=", 6) == 0) {
+                if (checkcfg(CFG_FILE_TRANSFER)) {
+                        logargs(argc, argv);
+                        
+                        // verify path
+                        if ((i + 3) != argc) {
+                                fprintf(stderr, "Error: invalid --put option, 2 paths expected\n");
+                                exit(1);
+                        }
+                        char *path1 = argv[i + 1];
+                         invalid_filename(path1);
+                         if (strstr(path1, "..")) {
+                                fprintf(stderr, "Error: invalid file name %s\n", path1);
+                                exit(1);
+                         }
+                        char *path2 = argv[i + 2];
+                         invalid_filename(path2);
+                         if (strstr(path2, "..")) {
+                                fprintf(stderr, "Error: invalid file name %s\n", path2);
+                                exit(1);
+                         }
+                         
+                        // get file
+                        pid_t pid;
+                        if (read_pid(argv[i] + 6, &pid) == 0)           
+                                sandboxfs(SANDBOX_FS_PUT, pid, path1, path2);
+                        else
+                                sandboxfs_name(SANDBOX_FS_PUT, argv[i] + 6, path1, path2);
                        exit(0);
                }
                else {
@@ -565,9 +600,9 @@ static void run_cmd_and_exit(int i, int argc, char **argv) {
                        // list directory contents
                        pid_t pid;
                        if (read_pid(argv[i] + 5, &pid) == 0)           
-                                sandboxfs(SANDBOX_FS_LS, pid, path);
+                                sandboxfs(SANDBOX_FS_LS, pid, path, NULL);
                        else
-                                sandboxfs_name(SANDBOX_FS_LS, argv[i] + 5, path);
+                                sandboxfs_name(SANDBOX_FS_LS, argv[i] + 5, path, NULL);
                        exit(0);
                }
                else {

diff --git a/src/firejail/main.c b/src/firejail/main.c index e171919d1..3afecbe62 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c
@@ -536,9 +536,44 @@ static void run_cmd_and_exit(int i, int argc, char **argv) {
536	// get file	536	// get file
537	pid_t pid;	537	pid_t pid;
538	if (read_pid(argv[i] + 6, &pid) == 0)	538	if (read_pid(argv[i] + 6, &pid) == 0)
539	sandboxfs(SANDBOX_FS_GET, pid, path);	539	sandboxfs(SANDBOX_FS_GET, pid, path, NULL);
540	else	540	else
541	sandboxfs_name(SANDBOX_FS_GET, argv[i] + 6, path);	541	sandboxfs_name(SANDBOX_FS_GET, argv[i] + 6, path, NULL);
		542	exit(0);
		543	}
		544	else {
		545	fprintf(stderr, "Error: --get feature is disabled in Firejail configuration file\n");
		546	exit(1);
		547	}
		548	}
		549	else if (strncmp(argv[i], "--put=", 6) == 0) {
		550	if (checkcfg(CFG_FILE_TRANSFER)) {
		551	logargs(argc, argv);
		552
		553	// verify path
		554	if ((i + 3) != argc) {
		555	fprintf(stderr, "Error: invalid --put option, 2 paths expected\n");
		556	exit(1);
		557	}
		558	char *path1 = argv[i + 1];
		559	invalid_filename(path1);
		560	if (strstr(path1, "..")) {
		561	fprintf(stderr, "Error: invalid file name %s\n", path1);
		562	exit(1);
		563	}
		564	char *path2 = argv[i + 2];
		565	invalid_filename(path2);
		566	if (strstr(path2, "..")) {
		567	fprintf(stderr, "Error: invalid file name %s\n", path2);
		568	exit(1);
		569	}
		570
		571	// get file
		572	pid_t pid;
		573	if (read_pid(argv[i] + 6, &pid) == 0)
		574	sandboxfs(SANDBOX_FS_PUT, pid, path1, path2);
		575	else
		576	sandboxfs_name(SANDBOX_FS_PUT, argv[i] + 6, path1, path2);
542	exit(0);	577	exit(0);
543	}	578	}
544	else {	579	else {
@@ -565,9 +600,9 @@ static void run_cmd_and_exit(int i, int argc, char **argv) {
565	// list directory contents	600	// list directory contents
566	pid_t pid;	601	pid_t pid;
567	if (read_pid(argv[i] + 5, &pid) == 0)	602	if (read_pid(argv[i] + 5, &pid) == 0)
568	sandboxfs(SANDBOX_FS_LS, pid, path);	603	sandboxfs(SANDBOX_FS_LS, pid, path, NULL);
569	else	604	else
570	sandboxfs_name(SANDBOX_FS_LS, argv[i] + 5, path);	605	sandboxfs_name(SANDBOX_FS_LS, argv[i] + 5, path, NULL);
571	exit(0);	606	exit(0);
572	}	607	}
573	else {	608	else {