From 9dd3213393ece6293458ad9cb601e43d6204883f Mon Sep 17 00:00:00 2001
From: "alexey.lysiuk" <alexey.lysiuk@gmail.com>
Date: Wed, 29 Jan 2020 11:41:23 +0200
Subject: [PATCH] - fixed path traversal on POSIX platforms

---
 source/common/searchpaths.cpp           | 2 +-
 source/platform/posix/cocoa/i_system.mm | 3 ++-
 source/platform/posix/i_system.h        | 3 ++-
 source/platform/posix/sdl/i_system.cpp  | 3 ++-
 4 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/source/common/searchpaths.cpp b/source/common/searchpaths.cpp
index 56b1b8c09..2e24a76f4 100644
--- a/source/common/searchpaths.cpp
+++ b/source/common/searchpaths.cpp
@@ -162,7 +162,7 @@ void CollectSubdirectories(TArray<FString> &searchpath, const char *dirmatch)
 	{
 		findstate_t findstate;
 		void* handle;
-		if ((handle = I_FindFirst(AbsPath + "/*.*", &findstate)) != (void*)-1)
+		if ((handle = I_FindFirst(AbsPath + "/*", &findstate)) != (void*)-1)
 		{
 			do
 			{
diff --git a/source/platform/posix/cocoa/i_system.mm b/source/platform/posix/cocoa/i_system.mm
index 3fa59cf37..9038893a0 100644
--- a/source/platform/posix/cocoa/i_system.mm
+++ b/source/platform/posix/cocoa/i_system.mm
@@ -180,6 +180,7 @@ void* I_FindFirst(const char* const filespec, findstate_t* const fileinfo)
 	{
 		pattern = slash+1;
 		dir = FString(filespec, slash - filespec + 1);
+		fileinfo->path = dir;
 	}
 	else
 	{
@@ -234,7 +235,7 @@ int I_FindAttr(findstate_t* const fileinfo)
 	dirent* const ent = fileinfo->namelist[fileinfo->current];
 	bool isdir;
 
-	if (DirEntryExists(ent->d_name, &isdir))
+	if (DirEntryExists(fileinfo->path + ent->d_name, &isdir))
 	{
 		return isdir ? FA_DIREC : 0;
 	}
diff --git a/source/platform/posix/i_system.h b/source/platform/posix/i_system.h
index 48c365af2..21b5c0f6b 100644
--- a/source/platform/posix/i_system.h
+++ b/source/platform/posix/i_system.h
@@ -73,9 +73,10 @@ bool I_SetCursor(FTexture *);
 struct findstate_t
 {
 private:
-    int count;
+	FString path;
     struct dirent **namelist;
     int current;
+	int count;
 
 	friend void *I_FindFirst(const char *filespec, findstate_t *fileinfo);
 	friend int I_FindNext(void *handle, findstate_t *fileinfo);
diff --git a/source/platform/posix/sdl/i_system.cpp b/source/platform/posix/sdl/i_system.cpp
index 7dd138ea2..60d4aa005 100644
--- a/source/platform/posix/sdl/i_system.cpp
+++ b/source/platform/posix/sdl/i_system.cpp
@@ -304,6 +304,7 @@ void *I_FindFirst (const char *filespec, findstate_t *fileinfo)
 	{
 		pattern = slash+1;
 		dir = FString(filespec, slash-filespec+1);
+		fileinfo->path = dir;
 	}
 	else
 	{
@@ -350,7 +351,7 @@ int I_FindAttr(findstate_t* const fileinfo)
 	dirent* const ent = fileinfo->namelist[fileinfo->current];
 	bool isdir;
 
-	if (DirEntryExists(ent->d_name, &isdir))
+	if (DirEntryExists(fileinfo->path + ent->d_name, &isdir))
 	{
 		return isdir ? FA_DIREC : 0;
 	}