fly/flightgear
1
0
Fork 0
Code Activity

fgValidatePath: documentation improvements

Browse source
This commit is contained in:
Rebecca N. Palmer 2015-11-22 11:03:00 +00:00
parent 91dc448875
commit 97f235173e
2 changed files with 19 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
src/Main/util.cxx
View file

@ -75,10 +75,12 @@ fgGetLowPass (double current, double target, double timeratio)
static string_list read_allowed_paths; static string_list read_allowed_paths;
static string_list write_allowed_paths; static string_list write_allowed_paths;
// Allowed paths here are absolute, and may contain _one_ *, /**
// which matches any string * Allowed paths here are absolute, and may contain _one_ *,
// FG_SCENERY is deliberately not allowed, as it would make * which matches any string
// /sim/terrasync/scenery-dir a security hole * FG_SCENERY is deliberately not allowed, as it would make
* /sim/terrasync/scenery-dir a security hole
*/
void fgInitAllowedPaths() void fgInitAllowedPaths()
{ {
if(SGPath("ygjmyfvhhnvdoesnotexist").realpath() == "ygjmyfvhhnvdoesnotexist"){ if(SGPath("ygjmyfvhhnvdoesnotexist").realpath() == "ygjmyfvhhnvdoesnotexist"){
@ -142,10 +144,13 @@ void fgInitAllowedPaths()
} }
} }
// Check whether Nasal is allowed to access a path /**
// Warning: because this always (not just on Windows) converts \ to /, * Check whether Nasal is allowed to access a path
// and accepts relative paths (check-to-use race if the current directory * Warning: because this always (not just on Windows) treats both \ and /
// changes), always use the returned path not the original one * as path separators, and accepts relative paths (check-to-use race if
* the current directory changes),
* always use the returned path not the original one
*/
std::string fgValidatePath (const std::string& path, bool write) std::string fgValidatePath (const std::string& path, bool write)
{ {
// Normalize the path (prevents ../../.. or symlink trickery) // Normalize the path (prevents ../../.. or symlink trickery)

7
src/Main/util.hxx
View file

@ -40,7 +40,12 @@ double fgGetLowPass (double current, double target, double timeratio);
* File access control, used by Nasal and fgcommands. * File access control, used by Nasal and fgcommands.
* @param path Path to be validated * @param path Path to be validated
* @param write True for write operations and false for read operations. * @param write True for write operations and false for read operations.
* @return The validated path on success or 0 if access denied. * @return The validated path on success or empty if access denied.
*
* Warning: because this always (not just on Windows) treats both \ and /
* as path separators, and accepts relative paths (check-to-use race if
* the current directory changes),
* always use the returned path not the original one
*/ */
std::string fgValidatePath(const SGPath& path, bool write); std::string fgValidatePath(const SGPath& path, bool write);
std::string fgValidatePath(const std::string& path, bool write); std::string fgValidatePath(const std::string& path, bool write);