
fgValidatePath uses SGPath

This commit is contained in:
James Turner 2016-07-03 23:59:40 +01:00
parent fc3d47cd34
commit 8e875b22f5
7 changed files with 46 additions and 43 deletions


@ -79,11 +79,12 @@ namespace canvas
//---------------------------------------------------------------------------- //----------------------------------------------------------------------------
osg::ref_ptr<osg::Image> FGCanvasSystemAdapter::getImage(const std::string& path) const osg::ref_ptr<osg::Image> FGCanvasSystemAdapter::getImage(const std::string& path) const
{ {
if( SGPath(path).isAbsolute() ) SGPath p(SGPath::fromUtf8(path));
if( p.isAbsolute() )
{ {
std::string valid_path = fgValidatePath(path, false); SGPath valid_path = fgValidatePath(p, false);
if( !valid_path.empty() ) if( !valid_path.isNull() )
return osgDB::readImageFile(valid_path.c_str()); return osgDB::readImageFile(valid_path.local8BitStr());
SG_LOG(SG_IO, SG_ALERT, "canvas::Image: reading '" << path << "' denied"); SG_LOG(SG_IO, SG_ALERT, "canvas::Image: reading '" << path << "' denied");
} }


@ -289,14 +289,14 @@ do_load (const SGPropertyNode * arg)
if (file.extension() != "sav") if (file.extension() != "sav")
file.concat(".sav"); file.concat(".sav");
std::string validated_path = fgValidatePath(file, false); SGPath validated_path = fgValidatePath(file, false);
if (validated_path.empty()) { if (validated_path.isNull()) {
SG_LOG(SG_IO, SG_ALERT, "load: reading '" << file << "' denied " SG_LOG(SG_IO, SG_ALERT, "load: reading '" << file << "' denied "
"(unauthorized access)"); "(unauthorized access)");
return false; return false;
} }
sg_ifstream input(SGPath::fromUtf8(validated_path)); sg_ifstream input(validated_path);
if (input.good() && fgLoadFlight(input)) { if (input.good() && fgLoadFlight(input)) {
input.close(); input.close();
SG_LOG(SG_INPUT, SG_INFO, "Restored flight from " << file); SG_LOG(SG_INPUT, SG_INFO, "Restored flight from " << file);
@ -322,8 +322,8 @@ do_save (const SGPropertyNode * arg)
if (file.extension() != "sav") if (file.extension() != "sav")
file.concat(".sav"); file.concat(".sav");
std::string validated_path = fgValidatePath(file, true); SGPath validated_path = fgValidatePath(file, true);
if (validated_path.empty()) { if (validated_path.isNull()) {
SG_LOG(SG_IO, SG_ALERT, "save: writing '" << file << "' denied " SG_LOG(SG_IO, SG_ALERT, "save: writing '" << file << "' denied "
"(unauthorized access)"); "(unauthorized access)");
return false; return false;
@ -1149,8 +1149,8 @@ do_load_xml_to_proptree(const SGPropertyNode * arg)
} }
} }
std::string validated_path = fgValidatePath(file, false); SGPath validated_path = fgValidatePath(file, false);
if (validated_path.empty()) { if (validated_path.isNull()) {
SG_LOG(SG_IO, SG_ALERT, "loadxml: reading '" << file << "' denied " SG_LOG(SG_IO, SG_ALERT, "loadxml: reading '" << file << "' denied "
"(unauthorized directory - authorization no longer follows symlinks; to authorize reading additional directories, add them to --fg-aircraft)"); "(unauthorized directory - authorization no longer follows symlinks; to authorize reading additional directories, add them to --fg-aircraft)");
return false; return false;
@ -1232,8 +1232,8 @@ do_save_xml_from_proptree(const SGPropertyNode * arg)
if (file.extension() != "xml") if (file.extension() != "xml")
file.concat(".xml"); file.concat(".xml");
std::string validated_path = fgValidatePath(file, true); SGPath validated_path = fgValidatePath(file, true);
if (validated_path.empty()) { if (validated_path.isNull()) {
SG_LOG(SG_IO, SG_ALERT, "savexml: writing to '" << file << "' denied " SG_LOG(SG_IO, SG_ALERT, "savexml: writing to '" << file << "' denied "
"(unauthorized directory - authorization no longer follows symlinks)"); "(unauthorized directory - authorization no longer follows symlinks)");
return false; return false;
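Review bot: The do_save hunk (-322) and the do_save_xml_from_proptree hunk (-1232) end before the output file is opened, so the hunk does not show whether the subsequent write goes through `validated_path` or the original `file`. The comment on fgValidatePath in this commit says to always use the returned path, and do_load in the first hunk does so (`sg_ifstream input(validated_path);`); a write opened on `file` would bypass the realpath normalization that fgValidatePath performs. Worth confirming the write sites in both functions were updated the same way. Both functions continue outside the hunk.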


@ -138,13 +138,13 @@ void fgInitAllowedPaths()
// Check that it works // Check that it works
std::string homePath = globals->get_fg_home().utf8Str(); std::string homePath = globals->get_fg_home().utf8Str();
if(!fgValidatePath(homePath + "/../no.log",true).empty() || if(!fgValidatePath(homePath + "/../no.log",true).isNull() ||
!fgValidatePath(homePath + "/no.logt",true).empty() || !fgValidatePath(homePath + "/no.logt",true).isNull() ||
!fgValidatePath(homePath + "/nolog",true).empty() || !fgValidatePath(homePath + "/nolog",true).isNull() ||
!fgValidatePath(homePath + "no.log",true).empty() || !fgValidatePath(homePath + "no.log",true).isNull() ||
!fgValidatePath(homePath + "\\..\\no.log",false).empty() || !fgValidatePath(homePath + "\\..\\no.log",false).isNull() ||
fgValidatePath(homePath + "/aircraft-data/yes..xml",true).empty() || fgValidatePath(homePath + "/aircraft-data/yes..xml",true).isNull() ||
fgValidatePath(homePath + "/.\\yes.bmp",false).empty()) { fgValidatePath(homePath + "/.\\yes.bmp",false).isNull()) {
flightgear::fatalMessageBox("Nasal initialization error", flightgear::fatalMessageBox("Nasal initialization error",
"The FG_HOME directory must not be inside any of the FG_ROOT, FG_AIRCRAFT or FG_SCENERY directories", "The FG_HOME directory must not be inside any of the FG_ROOT, FG_AIRCRAFT or FG_SCENERY directories",
"(check that you have not accidentally included an extra :, as an empty part means the current directory)"); "(check that you have not accidentally included an extra :, as an empty part means the current directory)");
@ -159,10 +159,10 @@ void fgInitAllowedPaths()
* the current directory changes), * the current directory changes),
* always use the returned path not the original one * always use the returned path not the original one
*/ */
std::string fgValidatePath (const std::string& path, bool write) SGPath fgValidatePath (const SGPath& path, bool write)
{ {
// Normalize the path (prevents ../../.. or symlink trickery) // Normalize the path (prevents ../../.. or symlink trickery)
std::string normed_path = SGPath(path).realpath(); std::string normed_path = path.realpath();
const string_list& allowed_paths(write ? write_allowed_paths : read_allowed_paths); const string_list& allowed_paths(write ? write_allowed_paths : read_allowed_paths);
size_t star_pos; size_t star_pos;
@ -175,7 +175,7 @@ std::string fgValidatePath (const std::string& path, bool write)
star_pos = it->find('*'); star_pos = it->find('*');
if (star_pos == std::string::npos) { if (star_pos == std::string::npos) {
if (!(it->compare(normed_path))) { if (!(it->compare(normed_path))) {
return normed_path; return SGPath::fromUtf8(normed_path);
} }
} else { } else {
if ((it->size()-1 <= normed_path.size()) /* long enough to be a potential match */ if ((it->size()-1 <= normed_path.size()) /* long enough to be a potential match */
@ -184,13 +184,13 @@ std::string fgValidatePath (const std::string& path, bool write)
&& !(it->substr(star_pos+1,it->size()-star_pos-1) && !(it->substr(star_pos+1,it->size()-star_pos-1)
.compare(normed_path.substr(star_pos+1+normed_path.size()-it->size(), .compare(normed_path.substr(star_pos+1+normed_path.size()-it->size(),
it->size()-star_pos-1))) /* after-star parts match */) { it->size()-star_pos-1))) /* after-star parts match */) {
return normed_path; return SGPath::fromUtf8(normed_path);
} }
} }
} }
// no match found // no match found
return ""; return SGPath();
} }
std::string fgValidatePath(const SGPath& path, bool write) { return fgValidatePath(path.utf8Str(),write); }
// end of util.cxx // end of util.cxx
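Review bot: The self-check in fgInitAllowedPaths (the seven `fgValidatePath(homePath + ..., ...)` calls at the top of this section) still passes a std::string, while the only remaining overload takes `const SGPath&` (the std::string forwarding overload at the end of this section is removed), so each call now relies on SGPath's implicit string constructor; the other call sites this commit touches build the argument with `SGPath::fromUtf8(...)` (f_directory, f_open, f_parsexml), and f_http_save in NasalHTTP has the same implicit conversion on `filename`. If that constructor decodes the string differently from fromUtf8, the self-check and f_http_save validate a differently decoded path than the production call sites, which is the kind of mismatch this function exists to prevent. Using `fgValidatePath(SGPath::fromUtf8(homePath + "/../no.log"), true)` and so on here, and `fgValidatePath(SGPath::fromUtf8(filename), true)` in f_http_save, keeps the decoding uniform. Parts of both fgInitAllowedPaths and fgValidatePath fall between the visible hunks.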


@ -47,8 +47,7 @@ double fgGetLowPass (double current, double target, double timeratio);
* the current directory changes), * the current directory changes),
* always use the returned path not the original one * always use the returned path not the original one
*/ */
std::string fgValidatePath(const SGPath& path, bool write); SGPath fgValidatePath(const SGPath& path, bool write);
std::string fgValidatePath(const std::string& path, bool write);
/** /**
* Set allowed paths for fgValidatePath * Set allowed paths for fgValidatePath
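Review bot: The declaration now returns an SGPath and every caller in this commit tests the result with `isNull()`, but the comment block above the declaration does not say that a null SGPath is the denial signal; under the old std::string contract it was an empty string, and a caller checking `.str().empty()` or similar would be reading the wrong thing. Suggest adding `* @return the normalized (realpath) path, or a null SGPath (isNull()) when access is denied` and `* @param write true to check write access, false for read access`, since the meaning of the bool is only visible from the implementation's choice between write_allowed_paths and read_allowed_paths.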


@ -55,16 +55,16 @@ static naRef f_http_save(const nasal::CallContext& ctx)
// Check for write access to target file // Check for write access to target file
const std::string filename = ctx.requireArg<std::string>(1); const std::string filename = ctx.requireArg<std::string>(1);
const std::string validated_path = fgValidatePath(filename, true); const SGPath validated_path = fgValidatePath(filename, true);
if( validated_path.empty() ) if( validated_path.isNull() )
naRuntimeError( ctx.c, naRuntimeError( ctx.c,
"Access denied: can not write to %s", "Access denied: can not write to %s",
filename.c_str() ); filename.c_str() );
return ctx.to_nasal return ctx.to_nasal
( (
requireHTTPClient(ctx.c).client()->save(url, validated_path) requireHTTPClient(ctx.c).client()->save(url, validated_path.utf8Str())
); );
} }


@ -46,8 +46,8 @@ SGPath::Permissions checkIORules(const SGPath& path)
"realpath() to make a path absolute)"); "realpath() to make a path absolute)");
} }
perm.read = path.isAbsolute() && !fgValidatePath(path, false).empty(); perm.read = path.isAbsolute() && !fgValidatePath(path, false).isNull();
perm.write = path.isAbsolute() && !fgValidatePath(path, true ).empty(); perm.write = path.isAbsolute() && !fgValidatePath(path, true ).isNull();
return perm; return perm;
} }


@ -576,8 +576,8 @@ static naRef f_directory(naContext c, naRef me, int argc, naRef* args)
if(argc != 1 || !naIsString(args[0])) if(argc != 1 || !naIsString(args[0]))
naRuntimeError(c, "bad arguments to directory()"); naRuntimeError(c, "bad arguments to directory()");
std::string dirname = fgValidatePath(naStr_data(args[0]), false); SGPath dirname = fgValidatePath(SGPath::fromUtf8(naStr_data(args[0])), false);
if(dirname.empty()) { if(dirname.isNull()) {
SG_LOG(SG_NASAL, SG_ALERT, "directory(): listing '" << SG_LOG(SG_NASAL, SG_ALERT, "directory(): listing '" <<
naStr_data(args[0]) << "' denied (unauthorized directory - authorization" naStr_data(args[0]) << "' denied (unauthorized directory - authorization"
" no longer follows symlinks; to authorize reading additional " " no longer follows symlinks; to authorize reading additional "
@ -586,8 +586,7 @@ static naRef f_directory(naContext c, naRef me, int argc, naRef* args)
return naNil(); return naNil();
} }
SGPath d0(dirname); simgear::Dir d(dirname);
simgear::Dir d(d0);
if(!d.exists()) return naNil(); if(!d.exists()) return naNil();
naRef result = naNewVector(c); naRef result = naNewVector(c);
@ -683,9 +682,9 @@ static naRef f_open(naContext c, naRef me, int argc, naRef* args)
naRef mode = argc > 1 ? naStringValue(c, args[1]) : naNil(); naRef mode = argc > 1 ? naStringValue(c, args[1]) : naNil();
if(!naStr_data(file)) naRuntimeError(c, "bad argument to open()"); if(!naStr_data(file)) naRuntimeError(c, "bad argument to open()");
const char* modestr = naStr_data(mode) ? naStr_data(mode) : "rb"; const char* modestr = naStr_data(mode) ? naStr_data(mode) : "rb";
std::string filename = fgValidatePath(naStr_data(file), SGPath filename = fgValidatePath(SGPath::fromUtf8(naStr_data(file)),
strcmp(modestr, "rb") && strcmp(modestr, "r")); strcmp(modestr, "rb") && strcmp(modestr, "r"));
if(filename.empty()) { if(filename.isNull()) {
SG_LOG(SG_NASAL, SG_ALERT, "open(): reading/writing '" << SG_LOG(SG_NASAL, SG_ALERT, "open(): reading/writing '" <<
naStr_data(file) << "' denied (unauthorized directory - authorization" naStr_data(file) << "' denied (unauthorized directory - authorization"
" no longer follows symlinks; to authorize reading additional " " no longer follows symlinks; to authorize reading additional "
@ -693,7 +692,9 @@ static naRef f_open(naContext c, naRef me, int argc, naRef* args)
naRuntimeError(c, "open(): access denied (unauthorized directory)"); naRuntimeError(c, "open(): access denied (unauthorized directory)");
return naNil(); return naNil();
} }
f = fopen(filename.c_str(), modestr); f = fopen(filename.c_str(), modestr);
if(!f) naRuntimeError(c, strerror(errno)); if(!f) naRuntimeError(c, strerror(errno));
return naIOGhost(c, f); return naIOGhost(c, f);
} }
@ -718,8 +719,8 @@ static naRef f_parsexml(naContext c, naRef me, int argc, naRef* args)
if(!(naIsNil(args[i]) || naIsFunc(args[i]))) if(!(naIsNil(args[i]) || naIsFunc(args[i])))
naRuntimeError(c, "parsexml(): callback argument not a function"); naRuntimeError(c, "parsexml(): callback argument not a function");
std::string file = fgValidatePath(naStr_data(args[0]), false); SGPath file = fgValidatePath(SGPath::fromUtf8(naStr_data(args[0])), false);
if(file.empty()) { if(file.isNull()) {
SG_LOG(SG_NASAL, SG_ALERT, "parsexml(): reading '" << SG_LOG(SG_NASAL, SG_ALERT, "parsexml(): reading '" <<
naStr_data(args[0]) << "' denied (unauthorized directory - authorization" naStr_data(args[0]) << "' denied (unauthorized directory - authorization"
" no longer follows symlinks; to authorize reading additional " " no longer follows symlinks; to authorize reading additional "
@ -727,7 +728,7 @@ static naRef f_parsexml(naContext c, naRef me, int argc, naRef* args)
naRuntimeError(c, "parsexml(): access denied (unauthorized directory)"); naRuntimeError(c, "parsexml(): access denied (unauthorized directory)");
return naNil(); return naNil();
} }
sg_ifstream input(SGPath::fromUtf8(file)); sg_ifstream input(file);
NasalXMLVisitor visitor(c, argc, args); NasalXMLVisitor visitor(c, argc, args);
try { try {
readXML(input, visitor); readXML(input, visitor);
@ -736,7 +737,9 @@ static naRef f_parsexml(naContext c, naRef me, int argc, naRef* args)
file.c_str(), e.getFormattedMessage().c_str()); file.c_str(), e.getFormattedMessage().c_str());
return naNil(); return naNil();
} }
return naStr_fromdata(naNewString(c), file.c_str(), file.length());
std::string fs = file.utf8Str();
return naStr_fromdata(naNewString(c), fs.c_str(), fs.length());
} }
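Review bot: `f = fopen(filename.c_str(), modestr);` in the f_open hunk (-693) and `file.c_str()` in the f_parsexml error message (-736) are unchanged, yet `filename` and `file` are now SGPath objects rather than std::string, and whether SGPath's c_str() yields the narrow encoding fopen and the format string expect is not visible here (the -693 header counts two added lines the rendered view does not show, which may address exactly this). Elsewhere in the commit the canvas change uses `local8BitStr()` for the narrow-char osgDB call and the return at the end of f_parsexml goes through `file.utf8Str()`, so `fopen(filename.local8BitStr().c_str(), modestr)` and `file.utf8Str().c_str()` in the message would make the encoding explicit and consistent with those sites. f_open and f_parsexml both continue outside the visible hunks.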
/** /**