fly/flightgear
1
0
Fork 0
Code Activity

- use path validation for parsexml() nasal command

Browse source 
- util.cxx: add comment
This commit is contained in:
mfranz 2008-07-22 20:26:17 +00:00
parent 3b3f671974
commit 5033779192
2 changed files with 12 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
src/Main/util.cxx
View file

@ -198,6 +198,9 @@ fgUnescape (const char *s)
} }
// Write out path to validation node and read it back in. A Nasal
// listener is supposed to replace the path with a validated version
// or an empty string otherwise.
const char *fgValidatePath (const char *str, bool write) const char *fgValidatePath (const char *str, bool write)
{ {
static SGPropertyNode_ptr r, w; static SGPropertyNode_ptr r, w;

13
src/Scripting/NasalSys.cxx
View file

@ -28,6 +28,7 @@
#include <Airports/simple.hxx> #include <Airports/simple.hxx>
#include <Main/globals.hxx> #include <Main/globals.hxx>
#include <Main/fg_props.hxx> #include <Main/fg_props.hxx>
#include <Main/util.hxx>
#include <Scenery/scenery.hxx> #include <Scenery/scenery.hxx>
#include "NasalSys.hxx" #include "NasalSys.hxx"
@ -380,7 +381,7 @@ static naRef f_directory(naContext c, naRef me, int argc, naRef* args)
// <pi> ... callback function with two args: target, data // <pi> ... callback function with two args: target, data
// (pi = "processing instruction") // (pi = "processing instruction")
// All four callback functions are optional and default to nil. // All four callback functions are optional and default to nil.
// The function returns nil on error, and the file name otherwise. // The function returns nil on error, or the validated file name otherwise.
static naRef f_parsexml(naContext c, naRef me, int argc, naRef* args) static naRef f_parsexml(naContext c, naRef me, int argc, naRef* args)
{ {
if(argc < 1 || !naIsString(args[0])) if(argc < 1 || !naIsString(args[0]))
@ -390,7 +391,12 @@ static naRef f_parsexml(naContext c, naRef me, int argc, naRef* args)
if(!(naIsNil(args[i]) || naIsFunc(args[i]))) if(!(naIsNil(args[i]) || naIsFunc(args[i])))
naRuntimeError(c, "parsexml(): callback argument not a function"); naRuntimeError(c, "parsexml(): callback argument not a function");
const char* file = naStr_data(args[0]); const char* file = fgValidatePath(naStr_data(args[0]), false);
if(!file) {
naRuntimeError(c, "parsexml(): reading '%s' denied "
"(unauthorized access)", naStr_data(args[0]));
return naNil();
}
std::ifstream input(file); std::ifstream input(file);
NasalXMLVisitor visitor(c, argc, args); NasalXMLVisitor visitor(c, argc, args);
try { try {
@ -400,7 +406,7 @@ static naRef f_parsexml(naContext c, naRef me, int argc, naRef* args)
file, e.getFormattedMessage().c_str()); file, e.getFormattedMessage().c_str());
return naNil(); return naNil();
} }
return args[0]; return naStr_fromdata(naNewString(c), const_cast<char*>(file), strlen(file));
} }
// Return UNIX epoch time in seconds. // Return UNIX epoch time in seconds.
@ -418,7 +424,6 @@ static naRef f_systime(naContext c, naRef me, int argc, naRef* args)
do { t = time(0); gettimeofday(&td, 0); } while(t != time(0)); do { t = time(0); gettimeofday(&td, 0); } while(t != time(0));
return naNum(t + 1e-6 * td.tv_usec); return naNum(t + 1e-6 * td.tv_usec);
#endif #endif
} }
// Convert a cartesian point to a geodetic lat/lon/altitude. // Convert a cartesian point to a geodetic lat/lon/altitude.