From 196c6672667ae3043e739595ccd71dddb29e9a98 Mon Sep 17 00:00:00 2001
From: "Rebecca N. Palmer"
Date: Fri, 13 Mar 2015 22:39:22 +0000
Subject: [PATCH] Normalize the allowed paths as well (fix Windows breakage)
---
 src/Main/util.cxx | 123 +++++++++++++++++++++++----------------------
 1 file changed, 62 insertions(+), 61 deletions(-)
diff --git a/src/Main/util.cxx b/src/Main/util.cxx
index 15f7158d5..c3bcdfec7 100644
--- a/src/Main/util.cxx
+++ b/src/Main/util.cxx
@@ -72,67 +72,6 @@ fgGetLowPass (double current, double target, double timeratio)
 return current;
 }
-static string_list read_allowed_paths;
-static string_list write_allowed_paths;
-
-// Allowed paths here are absolute, and may contain _one_ *,
-// which matches any string
-// FG_SCENERY is deliberately not allowed, as it would make
-// /sim/terrasync/scenery-dir a security hole
-void fgInitAllowedPaths()
-{
- read_allowed_paths.clear();
- write_allowed_paths.clear();
- read_allowed_paths.push_back(globals->get_fg_root() + "/*");
- read_allowed_paths.push_back(globals->get_fg_home() + "/*");
- string_list const aircraft_paths = globals->get_aircraft_paths();
- for( string_list::const_iterator it = aircraft_paths.begin();
- it != aircraft_paths.end();
- ++it )
- {
- read_allowed_paths.push_back(*it + "/*");
- }
-
- for( string_list::const_iterator it = read_allowed_paths.begin();
- it != read_allowed_paths.end();
- ++it )
- { // if we get the initialization order wrong, better to have an
- // obvious error than a can-read-everything security hole...
- if (!(it->compare("/*"))){
- flightgear::fatalMessageBox("Nasal initialization error",
- "Empty string in FG_ROOT, FG_HOME or FG_AIRCRAFT",
- "or fgInitAllowedPaths() called too early");
- exit(-1);
- }
- }
- write_allowed_paths.push_back("/tmp/*.xml");
- write_allowed_paths.push_back(globals->get_fg_home() + "/*.sav");
- write_allowed_paths.push_back(globals->get_fg_home() + "/*.log");
- write_allowed_paths.push_back(globals->get_fg_home() + "/cache/*");
- write_allowed_paths.push_back(globals->get_fg_home() + "/Export/*");
- write_allowed_paths.push_back(globals->get_fg_home() + "/state/*.xml");
- write_allowed_paths.push_back(globals->get_fg_home() + "/aircraft-data/*.xml");
- write_allowed_paths.push_back(globals->get_fg_home() + "/Wildfire/*.xml");
- write_allowed_paths.push_back(globals->get_fg_home() + "/runtime-jetways/*.xml");
- write_allowed_paths.push_back(globals->get_fg_home() + "/Input/Joysticks/*.xml");
-
- // Check that it works
- if(!fgValidatePath(globals->get_fg_home() + "/../no.log",true).empty() ||
- !fgValidatePath(globals->get_fg_home() + "/no.lot",true).empty() ||
- !fgValidatePath(globals->get_fg_home() + "/nolog",true).empty() ||
- !fgValidatePath(globals->get_fg_home() + "no.log",true).empty() ||
- !fgValidatePath("..\\" + globals->get_fg_home() + "/no.log",false).empty() ||
- !fgValidatePath(std::string("/tmp/no.xml"),false).empty() ||
- fgValidatePath(globals->get_fg_home() + "/./ff/../Export\\yes..gg",true).empty() ||
- fgValidatePath(globals->get_fg_home() + "/aircraft-data/yes..xml",true).empty() ||
- fgValidatePath(globals->get_fg_root() + "/./\\yes.bmp",false).empty()) {
- flightgear::fatalMessageBox("Nasal initialization error",
- "fgInitAllowedPaths() does not work",
- "");
- exit(-1);
- }
-}
-
 // Normalize a path
 // Unlike SGPath::realpath, does not require that the file already exists,
 // but does require that it be below the starting point
@@ -166,6 +105,68 @@ static std::string fgNormalizePath (const std::string& path)
 return normed_path;
 }
+static string_list read_allowed_paths;
+static string_list write_allowed_paths;
+
+// Allowed paths here are absolute, and may contain _one_ *,
+// which matches any string
+// FG_SCENERY is deliberately not allowed, as it would make
+// /sim/terrasync/scenery-dir a security hole
+void fgInitAllowedPaths()
+{
+ read_allowed_paths.clear();
+ write_allowed_paths.clear();
+ std::string fg_root = fgNormalizePath(globals->get_fg_root());
+ std::string fg_home = fgNormalizePath(globals->get_fg_home());
+ read_allowed_paths.push_back(fg_root + "/*");
+ read_allowed_paths.push_back(fg_home + "/*");
+ string_list const aircraft_paths = globals->get_aircraft_paths();
+ for( string_list::const_iterator it = aircraft_paths.begin();
+ it != aircraft_paths.end();
+ ++it )
+ {
+ read_allowed_paths.push_back(fgNormalizePath(*it) + "/*");
+ }
+
+ for( string_list::const_iterator it = read_allowed_paths.begin();
+ it != read_allowed_paths.end();
+ ++it )
+ { // if we get the initialization order wrong, better to have an
+ // obvious error than a can-read-everything security hole...
+ if (!(it->compare("/*"))){
+ flightgear::fatalMessageBox("Nasal initialization error",
+ "Empty string in FG_ROOT, FG_HOME or FG_AIRCRAFT",
+ "or fgInitAllowedPaths() called too early");
+ exit(-1);
+ }
+ }
+ write_allowed_paths.push_back("/tmp/*.xml");
+ write_allowed_paths.push_back(fg_home + "/*.sav");
+ write_allowed_paths.push_back(fg_home + "/*.log");
+ write_allowed_paths.push_back(fg_home + "/cache/*");
+ write_allowed_paths.push_back(fg_home + "/Export/*");
+ write_allowed_paths.push_back(fg_home + "/state/*.xml");
+ write_allowed_paths.push_back(fg_home + "/aircraft-data/*.xml");
+ write_allowed_paths.push_back(fg_home + "/Wildfire/*.xml");
+ write_allowed_paths.push_back(fg_home + "/runtime-jetways/*.xml");
+ write_allowed_paths.push_back(fg_home + "/Input/Joysticks/*.xml");
+
+ // Check that it works
+ if(!fgValidatePath(globals->get_fg_home() + "/../no.log",true).empty() ||
+ !fgValidatePath(globals->get_fg_home() + "/no.lot",true).empty() ||
+ !fgValidatePath(globals->get_fg_home() + "/nolog",true).empty() ||
+ !fgValidatePath(globals->get_fg_home() + "no.log",true).empty() ||
+ !fgValidatePath("..\\" + globals->get_fg_home() + "/no.log",false).empty() ||
+ !fgValidatePath(std::string("/tmp/no.xml"),false).empty() ||
+ fgValidatePath(globals->get_fg_home() + "/./ff/../Export\\yes..gg",true).empty() ||
+ fgValidatePath(globals->get_fg_home() + "/aircraft-data/yes..xml",true).empty() ||
+ fgValidatePath(globals->get_fg_root() + "/./\\yes.bmp",false).empty()) {
+ flightgear::fatalMessageBox("Nasal initialization error",
+ "fgInitAllowedPaths() does not work",
+ "");
+ exit(-1);
+ }
+}
 // Check whether Nasal is allowed to access a path
 std::string fgValidatePath (const std::string& path, bool write)
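Review bot: The startup check in the second loop of fgInitAllowedPaths() still rejects only an entry equal to `"/*"`, so a normalized FG_ROOT, FG_HOME or aircraft directory that itself contains a `*` yields a pattern with two wildcards, which the comment above the function says is not supported. Every base directory ends up in read_allowed_paths with the wildcard as its last character, so the same loop can reject that case with `if (!it->compare("/*") || it->find('*') != it->size() - 1) {`. The body of fgNormalizePath() lies outside this hunk, so what it returns for a path it cannot normalize is not visible here. The `"/*"` test is sufficient only if that value is the empty string, which deserves a comment next to the check, for example `// relies on fgNormalizePath() returning "" on failure`.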