fly/flightgear
1
0
Fork 0
Code Activity

fgValidatePath: documentation improvements

Browse source
This commit is contained in:
Rebecca N. Palmer 2015-11-22 11:03:00 +00:00
parent 91dc448875
commit 97f235173e
2 changed files with 19 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
src/Main/util.cxx
View file

@ -75,10 +75,12 @@ fgGetLowPass (double current, double target, double timeratio)
static string_list read_allowed_paths;
static string_list write_allowed_paths;
// Allowed paths here are absolute, and may contain _one_ *,
// which matches any string
// FG_SCENERY is deliberately not allowed, as it would make
// /sim/terrasync/scenery-dir a security hole
/**
* Allowed paths here are absolute, and may contain _one_ *,
* which matches any string
* FG_SCENERY is deliberately not allowed, as it would make
* /sim/terrasync/scenery-dir a security hole
*/
void fgInitAllowedPaths()
{
if(SGPath("ygjmyfvhhnvdoesnotexist").realpath() == "ygjmyfvhhnvdoesnotexist"){
@ -142,10 +144,13 @@ void fgInitAllowedPaths()
}
}
// Check whether Nasal is allowed to access a path
// Warning: because this always (not just on Windows) converts \ to /,
// and accepts relative paths (check-to-use race if the current directory
// changes), always use the returned path not the original one
/**
* Check whether Nasal is allowed to access a path
* Warning: because this always (not just on Windows) treats both \ and /
* as path separators, and accepts relative paths (check-to-use race if
* the current directory changes),
* always use the returned path not the original one
*/
std::string fgValidatePath (const std::string& path, bool write)
{
// Normalize the path (prevents ../../.. or symlink trickery)

7
src/Main/util.hxx
View file

@ -40,7 +40,12 @@ double fgGetLowPass (double current, double target, double timeratio);
* File access control, used by Nasal and fgcommands.
* @param path Path to be validated
* @param write True for write operations and false for read operations.
* @return The validated path on success or 0 if access denied.
* @return The validated path on success or empty if access denied.
*
* Warning: because this always (not just on Windows) treats both \ and /
* as path separators, and accepts relative paths (check-to-use race if
* the current directory changes),
* always use the returned path not the original one
*/
std::string fgValidatePath(const SGPath& path, bool write);
std::string fgValidatePath(const std::string& path, bool write);