From 8e875b22f53514a5e3a46ecf2e15a26616668e75 Mon Sep 17 00:00:00 2001 From: James Turner Date: Sun, 3 Jul 2016 23:59:40 +0100 Subject: [PATCH] fgValidatePath uses SGPath --- src/Canvas/FGCanvasSystemAdapter.cxx | 9 +++++---- src/Main/fg_commands.cxx | 18 +++++++++--------- src/Main/util.cxx | 26 +++++++++++++------------- src/Main/util.hxx | 3 +-- src/Scripting/NasalHTTP.cxx | 6 +++--- src/Scripting/NasalSGPath.cxx | 4 ++-- src/Scripting/NasalSys.cxx | 23 +++++++++++++---------- 7 files changed, 46 insertions(+), 43 deletions(-) diff --git a/src/Canvas/FGCanvasSystemAdapter.cxx b/src/Canvas/FGCanvasSystemAdapter.cxx index e035a8ac2..3fc5ee083 100644 --- a/src/Canvas/FGCanvasSystemAdapter.cxx +++ b/src/Canvas/FGCanvasSystemAdapter.cxx @@ -79,11 +79,12 @@ namespace canvas //---------------------------------------------------------------------------- osg::ref_ptr FGCanvasSystemAdapter::getImage(const std::string& path) const { - if( SGPath(path).isAbsolute() ) + SGPath p(SGPath::fromUtf8(path)); + if( p.isAbsolute() ) { - std::string valid_path = fgValidatePath(path, false); - if( !valid_path.empty() ) - return osgDB::readImageFile(valid_path.c_str()); + SGPath valid_path = fgValidatePath(p, false); + if( !valid_path.isNull() ) + return osgDB::readImageFile(valid_path.local8BitStr()); SG_LOG(SG_IO, SG_ALERT, "canvas::Image: reading '" << path << "' denied"); } diff --git a/src/Main/fg_commands.cxx b/src/Main/fg_commands.cxx index ac0133834..1040b5f9e 100644 --- a/src/Main/fg_commands.cxx +++ b/src/Main/fg_commands.cxx 
@@ -289,14 +289,14 @@ do_load (const SGPropertyNode * arg) if (file.extension() != "sav") file.concat(".sav"); - std::string validated_path = fgValidatePath(file, false); - if (validated_path.empty()) { + SGPath validated_path = fgValidatePath(file, false); + if (validated_path.isNull()) { SG_LOG(SG_IO, SG_ALERT, "load: reading '" << file << "' denied " "(unauthorized access)"); return false; } - sg_ifstream input(SGPath::fromUtf8(validated_path)); + sg_ifstream input(validated_path); if (input.good() && fgLoadFlight(input)) { input.close(); SG_LOG(SG_INPUT, SG_INFO, "Restored flight from " << file); @@ -322,8 +322,8 @@ do_save (const SGPropertyNode * arg) if (file.extension() != "sav") file.concat(".sav"); - std::string validated_path = fgValidatePath(file, true); - if (validated_path.empty()) { + SGPath validated_path = fgValidatePath(file, true); + if (validated_path.isNull()) { SG_LOG(SG_IO, SG_ALERT, "save: writing '" << file << "' denied " "(unauthorized access)"); return false; @@ -1149,8 +1149,8 @@ do_load_xml_to_proptree(const SGPropertyNode * arg) } } - std::string validated_path = fgValidatePath(file, false); - if (validated_path.empty()) { + SGPath validated_path = fgValidatePath(file, false); + if (validated_path.isNull()) { SG_LOG(SG_IO, SG_ALERT, "loadxml: reading '" << file << "' denied " "(unauthorized directory - authorization no longer follows symlinks; to authorize reading additional directories, add them to --fg-aircraft)"); return false; @@ -1232,8 +1232,8 @@ do_save_xml_from_proptree(const SGPropertyNode * arg) if (file.extension() != "xml") file.concat(".xml"); - std::string validated_path = fgValidatePath(file, true); - if (validated_path.empty()) { + SGPath validated_path = fgValidatePath(file, true); + if (validated_path.isNull()) { SG_LOG(SG_IO, SG_ALERT, "savexml: writing to '" << file << "' denied " "(unauthorized directory - authorization no longer follows symlinks)"); return false; 
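Review bot: In do_save, do_load_xml_to_proptree and do_save_xml_from_proptree the hunks stop at the denial branch, so it is not visible whether the I/O that follows uses `validated_path` or the original `file`. The contract comment on fgValidatePath says to always use the returned path. Now that the result is an SGPath it can be passed straight through, as do_load does with `sg_ifstream input(validated_path);`. I would add `// all I/O below must use validated_path, not file ("..", symlinks already resolved)` after each check, and confirm that the rest of each body, which lies outside the hunks, follows it.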
diff --git a/src/Main/util.cxx b/src/Main/util.cxx index 2d333895e..616bbdcd1 100644 --- a/src/Main/util.cxx +++ b/src/Main/util.cxx @@ -138,13 +138,13 @@ void fgInitAllowedPaths() // Check that it works std::string homePath = globals->get_fg_home().utf8Str(); - if(!fgValidatePath(homePath + "/../no.log",true).empty() || - !fgValidatePath(homePath + "/no.logt",true).empty() || - !fgValidatePath(homePath + "/nolog",true).empty() || - !fgValidatePath(homePath + "no.log",true).empty() || - !fgValidatePath(homePath + "\\..\\no.log",false).empty() || - fgValidatePath(homePath + "/aircraft-data/yes..xml",true).empty() || - fgValidatePath(homePath + "/.\\yes.bmp",false).empty()) { + if(!fgValidatePath(homePath + "/../no.log",true).isNull() || + !fgValidatePath(homePath + "/no.logt",true).isNull() || + !fgValidatePath(homePath + "/nolog",true).isNull() || + !fgValidatePath(homePath + "no.log",true).isNull() || + !fgValidatePath(homePath + "\\..\\no.log",false).isNull() || + fgValidatePath(homePath + "/aircraft-data/yes..xml",true).isNull() || + fgValidatePath(homePath + "/.\\yes.bmp",false).isNull()) { flightgear::fatalMessageBox("Nasal initialization error", "The FG_HOME directory must not be inside any of the FG_ROOT, FG_AIRCRAFT or FG_SCENERY directories", "(check that you have not accidentally included an extra :, as an empty part means the current directory)"); @@ -159,10 +159,10 @@ void fgInitAllowedPaths() * the current directory changes), * always use the returned path not the original one */ -std::string fgValidatePath (const std::string& path, bool write) +SGPath fgValidatePath (const SGPath& path, bool write) { // Normalize the path (prevents ../../.. or symlink trickery) - std::string normed_path = SGPath(path).realpath(); + std::string normed_path = path.realpath(); const string_list& allowed_paths(write ? write_allowed_paths : read_allowed_paths); size_t star_pos; 
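Review bot: The self-test in fgInitAllowedPaths still builds its probes as `std::string` (`homePath + "/../no.log"`), so with the std::string overload removed each call reaches fgValidatePath through an implicit std::string-to-SGPath conversion. The rest of this commit converts explicitly with `SGPath::fromUtf8(...)`. homePath comes from `utf8Str()`, so if that constructor does not treat its argument as UTF-8, the self-test would check a different path than intended for a non-ASCII FG_HOME. The same implicit conversion occurs at `fgValidatePath(filename, true)` in f_http_save (NasalHTTP.cxx). Wrapping the probes, e.g. `fgValidatePath(SGPath::fromUtf8(homePath + "/../no.log"), true)`, keeps the encoding explicit on the input to the access check.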
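Review bot: The denial result changes from an empty string to a null SGPath, but the doc comment above fgValidatePath, whose tail is visible as context, does not appear to say what is returned when access is refused. Every caller's access decision now depends on `isNull()`, so I would add `@return the normalized path when access is allowed, a null SGPath (isNull()) when it is denied` to the comment here and to its copy in util.hxx. The function body continues outside this hunk.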
@@ -175,7 +175,7 @@ std::string fgValidatePath (const std::string& path, bool write) star_pos = it->find('*'); if (star_pos == std::string::npos) { if (!(it->compare(normed_path))) { - return normed_path; + return SGPath::fromUtf8(normed_path); } } else { if ((it->size()-1 <= normed_path.size()) /* long enough to be a potential match */ @@ -184,13 +184,13 @@ std::string fgValidatePath (const std::string& path, bool write) && !(it->substr(star_pos+1,it->size()-star_pos-1) .compare(normed_path.substr(star_pos+1+normed_path.size()-it->size(), it->size()-star_pos-1))) /* after-star parts match */) { - return normed_path; + return SGPath::fromUtf8(normed_path); } } } // no match found - return ""; + return SGPath(); } -std::string fgValidatePath(const SGPath& path, bool write) { return fgValidatePath(path.utf8Str(),write); } + // end of util.cxx diff --git a/src/Main/util.hxx b/src/Main/util.hxx index f078d0fdb..e75c28462 100644 --- a/src/Main/util.hxx +++ b/src/Main/util.hxx @@ -47,8 +47,7 @@ double fgGetLowPass (double current, double target, double timeratio); * the current directory changes), * always use the returned path not the original one */ -std::string fgValidatePath(const SGPath& path, bool write); -std::string fgValidatePath(const std::string& path, bool write); +SGPath fgValidatePath(const SGPath& path, bool write); /** * Set allowed paths for fgValidatePath diff --git a/src/Scripting/NasalHTTP.cxx b/src/Scripting/NasalHTTP.cxx index 15c76ed34..c59b78a0e 100644 --- a/src/Scripting/NasalHTTP.cxx +++ b/src/Scripting/NasalHTTP.cxx 
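Review bot: Both match branches now return `SGPath::fromUtf8(normed_path)`, which assumes the std::string produced by `path.realpath()` is UTF-8; the hunks do not show which encoding realpath() yields. Callers open the returned path, so if realpath() returns local 8-bit bytes on a non-UTF-8 locale, the file opened could differ from the one compared against the allowed list. Once the encoding is confirmed, a comment such as `// realpath() yields UTF-8, so fromUtf8 round-trips the checked path` would record it; otherwise the conversion should match whatever realpath() produces. The loop over the allowed paths starts outside this hunk.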
@@ -55,16 +55,16 @@ static naRef f_http_save(const nasal::CallContext& ctx) // Check for write access to target file const std::string filename = ctx.requireArg(1); - const std::string validated_path = fgValidatePath(filename, true); + const SGPath validated_path = fgValidatePath(filename, true); - if( validated_path.empty() ) + if( validated_path.isNull() ) naRuntimeError( ctx.c, "Access denied: can not write to %s", filename.c_str() ); return ctx.to_nasal ( - requireHTTPClient(ctx.c).client()->save(url, validated_path) + requireHTTPClient(ctx.c).client()->save(url, validated_path.utf8Str()) ); } diff --git a/src/Scripting/NasalSGPath.cxx b/src/Scripting/NasalSGPath.cxx index 08cc2c7fe..384db1685 100644 --- a/src/Scripting/NasalSGPath.cxx +++ b/src/Scripting/NasalSGPath.cxx @@ -46,8 +46,8 @@ SGPath::Permissions checkIORules(const SGPath& path) "realpath() to make a path absolute)"); } - perm.read = path.isAbsolute() && !fgValidatePath(path, false).empty(); - perm.write = path.isAbsolute() && !fgValidatePath(path, true ).empty(); + perm.read = path.isAbsolute() && !fgValidatePath(path, false).isNull(); + perm.write = path.isAbsolute() && !fgValidatePath(path, true ).isNull(); return perm; } diff --git a/src/Scripting/NasalSys.cxx b/src/Scripting/NasalSys.cxx index 20b97849c..993190511 100644 --- a/src/Scripting/NasalSys.cxx +++ b/src/Scripting/NasalSys.cxx @@ -576,8 +576,8 @@ static naRef f_directory(naContext c, naRef me, int argc, naRef* args) if(argc != 1 || !naIsString(args[0])) naRuntimeError(c, "bad arguments to directory()"); - std::string dirname = fgValidatePath(naStr_data(args[0]), false); - if(dirname.empty()) { + SGPath dirname = fgValidatePath(SGPath::fromUtf8(naStr_data(args[0])), false); + if(dirname.isNull()) { SG_LOG(SG_NASAL, SG_ALERT, "directory(): listing '" << naStr_data(args[0]) << "' denied (unauthorized directory - authorization" " no longer follows symlinks; to authorize reading additional " 
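Review bot: checkIORules in NasalSGPath.cxx keeps only the booleans from `fgValidatePath(path, false)` and `fgValidatePath(path, true)` and discards the normalized paths, while the contract on fgValidatePath says to always use the returned path. If the later SGPath operation runs on the original `path`, a symlink changed between this check and that operation would not be covered by the decision made here. How the permissions are consumed is outside the hunk. A comment on these two lines, `// permission reflects the path as resolved now; callers act on the unresolved path`, would at least record the gap for whoever touches the callers.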
@@ -586,8 +586,7 @@ static naRef f_directory(naContext c, naRef me, int argc, naRef* args) return naNil(); } - SGPath d0(dirname); - simgear::Dir d(d0); + simgear::Dir d(dirname); if(!d.exists()) return naNil(); naRef result = naNewVector(c); @@ -683,9 +682,9 @@ static naRef f_open(naContext c, naRef me, int argc, naRef* args) naRef mode = argc > 1 ? naStringValue(c, args[1]) : naNil(); if(!naStr_data(file)) naRuntimeError(c, "bad argument to open()"); const char* modestr = naStr_data(mode) ? naStr_data(mode) : "rb"; - std::string filename = fgValidatePath(naStr_data(file), + SGPath filename = fgValidatePath(SGPath::fromUtf8(naStr_data(file)), strcmp(modestr, "rb") && strcmp(modestr, "r")); - if(filename.empty()) { + if(filename.isNull()) { SG_LOG(SG_NASAL, SG_ALERT, "open(): reading/writing '" << naStr_data(file) << "' denied (unauthorized directory - authorization" " no longer follows symlinks; to authorize reading additional " @@ -693,7 +692,9 @@ static naRef f_open(naContext c, naRef me, int argc, naRef* args) naRuntimeError(c, "open(): access denied (unauthorized directory)"); return naNil(); } + f = fopen(filename.c_str(), modestr); + if(!f) naRuntimeError(c, strerror(errno)); return naIOGhost(c, f); } @@ -718,8 +719,8 @@ static naRef f_parsexml(naContext c, naRef me, int argc, naRef* args) if(!(naIsNil(args[i]) || naIsFunc(args[i]))) naRuntimeError(c, "parsexml(): callback argument not a function"); - std::string file = fgValidatePath(naStr_data(args[0]), false); - if(file.empty()) { + SGPath file = fgValidatePath(SGPath::fromUtf8(naStr_data(args[0])), false); + if(file.isNull()) { SG_LOG(SG_NASAL, SG_ALERT, "parsexml(): reading '" << naStr_data(args[0]) << "' denied (unauthorized directory - authorization" " no longer follows symlinks; to authorize reading additional " 
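Review bot: In f_open, `f = fopen(filename.c_str(), modestr);` is unchanged text, but `filename` is now an SGPath, so fopen receives whatever SGPath::c_str() returns rather than the std::string the old code held. Elsewhere in this commit a path given to a narrow-character API is converted explicitly (`valid_path.local8BitStr()` for osgDB::readImageFile). For a path with non-ASCII characters, the open here may therefore resolve a different name than the one fgValidatePath approved. Assuming local8BitStr() returns a std::string, `f = fopen(filename.local8BitStr().c_str(), modestr);` would make the two call sites agree. f_open starts outside this hunk.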
@@ -727,7 +728,7 @@ static naRef f_parsexml(naContext c, naRef me, int argc, naRef* args) naRuntimeError(c, "parsexml(): access denied (unauthorized directory)"); return naNil(); } - sg_ifstream input(SGPath::fromUtf8(file)); + sg_ifstream input(file); NasalXMLVisitor visitor(c, argc, args); try { readXML(input, visitor); @@ -736,7 +737,9 @@ static naRef f_parsexml(naContext c, naRef me, int argc, naRef* args) file.c_str(), e.getFormattedMessage().c_str()); return naNil(); } - return naStr_fromdata(naNewString(c), file.c_str(), file.length()); + + std::string fs = file.utf8Str(); + return naStr_fromdata(naNewString(c), fs.c_str(), fs.length()); } /**
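Review bot: In f_parsexml the return value now goes through `file.utf8Str()`, but the call in the catch block just above still takes `file.c_str(), e.getFormattedMessage().c_str()`, so the same SGPath is rendered through two different accessors in one function. Hoisting the conversion as `const std::string fs = file.utf8Str();` before the `try`, and passing `fs.c_str()` in both places, would keep the reported and returned path identical. The start of the call in the catch block is outside the hunk.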