* @remarks You must add privilege http://tizen.org/privilege/content.write. And You add more privilege depending on your choice of contents path. \n
* If you want to access only internal storage by using this function, you should add privilege http://tizen.org/privilege/mediastorage. \n
* Or if you want to access only external storage by using this function, you should add privilege http://tizen.org/privilege/externalstorage. \n
- * If you can access both storage, you must add all privilege.
+ * If you can access both storage, you must add all privilege. \n
+ * Since 4.0, This function does not allow a symbolic link.\n
* @remarks Since 4.0, this function is related to the following feature:\n
* %http://tizen.org/feature/content.scanning.others\n
* If this feature is not supported on the device, MEDIA_CONTENT_TYPE_OTHERS type file is not scanned.
* @remarks You must add privilege http://tizen.org/privilege/content.write. And You add more privilege depending on your choice of contents path. \n
* If you want to access only internal storage by using this function, you should add privilege http://tizen.org/privilege/mediastorage. \n
* Or if you want to access only external storage by using this function, you should add privilege http://tizen.org/privilege/externalstorage. \n
- * If you can access both storage, you must add all privilege.
+ * If you can access both storage, you must add all privilege. \n
+ * Since 4.0, This function does not allow a symbolic link.
*
* @param[in] path The folder path
* @param[in] is_recursive Set @c true to scan recursively subdirectories,
* You must add privilege http://tizen.org/privilege/content.write. And You add more privilege depending on your choice of contents path. \n
* If you want to access only internal storage by using this function, you should add privilege http://tizen.org/privilege/mediastorage. \n
* Or if you want to access only external storage by using this function, you should add privilege http://tizen.org/privilege/externalstorage. \n
- * If you can access both storage, you must add all privilege.
+ * If you can access both storage, you must add all privilege. \n
+ * Since 4.0, This function does not allow a symbolic link. \n
* @remarks Since 4.0, this function is related to the following feature:\n
* %http://tizen.org/feature/content.scanning.others\n
* If this feature is not supported on the device, MEDIA_CONTENT_TYPE_OTHERS type file is not scanned.
* @remarks You must add privilege http://tizen.org/privilege/content.write. And You add more privilege depending on your choice of contents path. \n
* If you want to access only internal storage by using this function, you should add privilege http://tizen.org/privilege/mediastorage. \n
* Or if you want to access only external storage by using this function, you should add privilege http://tizen.org/privilege/externalstorage. \n
- * If you can access both storage, you must add all privilege.
+ * If you can access both storage, you must add all privilege. \n
+ * Since 4.0, This function does not allow a symbolic link. \n
* @remarks Since 4.0, this function is related to the following feature:\n
* %http://tizen.org/feature/content.scanning.others\n
* If this feature is not supported on the device, MEDIA_CONTENT_TYPE_OTHERS type file is not scanned.
* @remarks You must add privilege http://tizen.org/privilege/content.write. And You add more privilege depending on your choice of contents path. \n
* If you want to access only internal storage with this function, you should add privilege http://tizen.org/privilege/mediastorage. \n
* Or if you want to access only external storage with this function, you should add privilege http://tizen.org/privilege/externalstorage. \n
- * If you can access both storage, you must add all privilege.
+ * If you can access both storage, you must add all privilege. \n
+ * Since 4.0, This function does not allow a symbolic link. \n
*
* @param[in] path_array The path array of the burst shot images to add
* @param[in] array_length The length of the array
* If you want to access only internal storage by using this function, you should add privilege http://tizen.org/privilege/mediastorage. \n
* Or if you want to access only external storage by using this function, you should add privilege http://tizen.org/privilege/externalstorage. \n
* If you can access both storage, you should add all privilege. \n
- * This function does not support USB storage.
+ * This function does not support USB storage. \n
+ * Since 4.0, This function does not allow a symbolic link.
*
* @param[in] media The handle to the media info
* @param[in] dst_path The path of destination
* @remarks You must add privilege http://tizen.org/privilege/content.write. And You add more privilege depending on your choice of contents path. \n
* If you want to access only internal storage by using this function, you should add privilege http://tizen.org/privilege/mediastorage. \n
* Or if you want to access only external storage by using this function, you should add privilege http://tizen.org/privilege/externalstorage. \n
- * If you can access both storage, you must add all privilege.
+ * If you can access both storage, you must add all privilege. \n
+ * Since 4.0, This function does not allow a symbolic link.\n
* @remarks Since 4.0, this function is related to the following feature:\n
* %http://tizen.org/feature/content.scanning.others\n
* If this feature is not supported on the device, MEDIA_CONTENT_TYPE_OTHERS type file is not scanned.
* @remarks You must add privilege http://tizen.org/privilege/content.write. And You add more privilege depending on your choice of contents path. \n
* If you want to access only internal storage by using this function, you should add privilege http://tizen.org/privilege/mediastorage. \n
* Or if you want to access only external storage by using this function, you should add privilege http://tizen.org/privilege/externalstorage. \n
- * If you can access both storage, you must add all privilege.
+ * If you can access both storage, you must add all privilege. \n
+ * Since 4.0, This function does not allow a symbolic link.
*
* @param[in] path The folder path
* @param[in] is_recursive Set @c true to scan recursively subdirectories,
* You must add privilege http://tizen.org/privilege/content.write. And You add more privilege depending on your choice of contents path. \n
* If you want to access only internal storage by using this function, you should add privilege http://tizen.org/privilege/mediastorage. \n
* Or if you want to access only external storage by using this function, you should add privilege http://tizen.org/privilege/externalstorage. \n
- * If you can access both storage, you must add all privilege.
+ * If you can access both storage, you must add all privilege. \n
+ * Since 4.0, This function does not allow a symbolic link. \n
* @remarks Since 4.0, this function is related to the following feature:\n
* %http://tizen.org/feature/content.scanning.others\n
* If this feature is not supported on the device, MEDIA_CONTENT_TYPE_OTHERS type file is not scanned.
* @remarks You must add privilege http://tizen.org/privilege/content.write. And You add more privilege depending on your choice of contents path. \n
* If you want to access only internal storage by using this function, you should add privilege http://tizen.org/privilege/mediastorage. \n
* Or if you want to access only external storage by using this function, you should add privilege http://tizen.org/privilege/externalstorage. \n
- * If you can access both storage, you must add all privilege.
+ * If you can access both storage, you must add all privilege. \n
+ * Since 4.0, This function does not allow a symbolic link. \n
* @remarks Since 4.0, this function is related to the following feature:\n
* %http://tizen.org/feature/content.scanning.others\n
* If this feature is not supported on the device, MEDIA_CONTENT_TYPE_OTHERS type file is not scanned.
* @remarks You must add privilege http://tizen.org/privilege/content.write. And You add more privilege depending on your choice of contents path. \n
* If you want to access only internal storage with this function, you should add privilege http://tizen.org/privilege/mediastorage. \n
* Or if you want to access only external storage with this function, you should add privilege http://tizen.org/privilege/externalstorage. \n
- * If you can access both storage, you must add all privilege.
+ * If you can access both storage, you must add all privilege. \n
+ * Since 4.0, This function does not allow a symbolic link. \n
*
* @param[in] path_array The path array of the burst shot images to add
* @param[in] array_length The length of the array
* If you want to access only internal storage by using this function, you should add privilege http://tizen.org/privilege/mediastorage. \n
* Or if you want to access only external storage by using this function, you should add privilege http://tizen.org/privilege/externalstorage. \n
* If you can access both storage, you should add all privilege. \n
- * This function does not support USB storage.
+ * This function does not support USB storage. \n
+ * Since 4.0, This function does not allow a symbolic link.
*
* @param[in] media The handle to the media info
* @param[in] dst_path The path of destination
media_content_retvm_if(!STRING_VALID(path), MEDIA_CONTENT_ERROR_INVALID_PARAMETER, "invalid path");
media_content_sec_debug("Path : %s", path);
+
memset(repl_path, 0, sizeof(repl_path));
ret = _media_content_replace_path(path, repl_path);
media_content_retvm_if(!STRING_VALID(repl_path), MEDIA_CONTENT_ERROR_INVALID_OPERATION, "path replacement failed");
static int __media_content_check_dir(const char *path)
{
DIR *dp = NULL;
-
+ char *real = NULL;
+#ifndef _USE_TVPD_MODE
+ char result_path[MAX_PATH_LEN] = {0, };
+#endif
dp = opendir(path);
if (dp == NULL) {
media_content_sec_error("path [%s]", path);
closedir(dp);
+ /* Check symbolic link directory */
+ real = realpath(path, NULL);
+
+#ifdef _USE_TVPD_MODE
+ if (g_strcmp0(real, path) != 0) {
+ SAFE_FREE(real);
+ media_content_error("symbolic link(directory)");
+ media_content_sec_debug("path : %s", path);
+ return MEDIA_CONTENT_ERROR_INVALID_PARAMETER;
+ }
+#else
+ if (g_str_has_prefix(real, MEDIA_SHARE_PATH)) {
+ /* If shared dirctory, it should be change path to TZ_USER_SHARE from realpath */
+ snprintf(result_path, MAX_PATH_LEN, "%s%s", tzplatform_getenv(TZ_USER_MEDIASHARED), real + strlen(MEDIA_SHARE_PATH));
+ if (g_strcmp0(result_path, path) != 0) {
+ SAFE_FREE(real);
+ media_content_error("symbolic link(directory)");
+ media_content_sec_debug("path : %s", path);
+ return MEDIA_CONTENT_ERROR_INVALID_PARAMETER;
+ }
+ } else {
+ if (g_strcmp0(real, path) != 0) {
+ SAFE_FREE(real);
+ media_content_error("symbolic link(directory)");
+ media_content_sec_debug("path : %s", path);
+ return MEDIA_CONTENT_ERROR_INVALID_PARAMETER;
+ }
+ }
+#endif
+
+ SAFE_FREE(real);
+
return MEDIA_CONTENT_ERROR_NONE;
}
ret = __media_content_check_dir(repl_path);
media_content_retvm_if(ret == MEDIA_CONTENT_ERROR_PERMISSION_DENIED, ret, "Permission Denied");
+ media_content_retvm_if(ret == MEDIA_CONTENT_ERROR_INVALID_PARAMETER, ret, "invalid path[%s]", repl_path);
if (ret == MEDIA_CONTENT_ERROR_NONE) {
/* If directory exist check that's ignore directory or not*/
ret = __media_content_check_dir(path);
media_content_retvm_if(ret == MEDIA_CONTENT_ERROR_PERMISSION_DENIED, ret, "Permission Denied");
+ media_content_retvm_if(ret == MEDIA_CONTENT_ERROR_INVALID_PARAMETER, ret, "invalid path[%s]", path);
media_content_scan_cb_data_v2* cb_data = NULL;
cb_data = (media_content_scan_cb_data_v2*)malloc(sizeof(media_content_scan_cb_data_v2));
media_content_retvm_if(!STRING_VALID(path), MEDIA_CONTENT_ERROR_INVALID_PARAMETER, "invalid path");
*ignore = FALSE;
+ char *tmp_path = NULL;
+#ifndef _USE_TVPD_MODE
+ char replace[MAX_PATH_LEN] = {0, };
+#endif
+
+ /* Check symbolic link file */
+ if (g_file_test(path, G_FILE_TEST_IS_SYMLINK)) {
+ *ignore = TRUE;
+ media_content_error("symbolic link(file)");
+ media_content_sec_debug("path : %s", path);
+ return MEDIA_CONTENT_ERROR_INVALID_PARAMETER;
+ }
+
+ /* Check hidden path */
if (strstr(path, "/.") != NULL) {
*ignore = TRUE;
media_content_error("hidden path");
media_content_sec_debug("path : %s", path);
+ return MEDIA_CONTENT_ERROR_INVALID_PARAMETER;
+ }
+
+ /* Check symbolic directory */
+ tmp_path = realpath(path, NULL);
+
+#ifdef _USE_TVPD_MODE
+ if (g_strcmp0(tmp_path, path) != 0) {
+ *ignore = TRUE;
+ SAFE_FREE(tmp_path);
+ media_content_error("symbolic link(directory)");
+ media_content_sec_debug("path : %s", path);
+ return MEDIA_CONTENT_ERROR_INVALID_PARAMETER;
}
+#else
+ if (g_str_has_prefix(tmp_path, MEDIA_SHARE_PATH)) {
+ /* If shared dirctory, it should be change path to TZ_USER_SHARE from realpath */
+ snprintf(replace, MAX_PATH_LEN, "%s%s", tzplatform_getenv(TZ_USER_MEDIASHARED), tmp_path + strlen(MEDIA_SHARE_PATH));
+ if (g_strcmp0(replace, path) != 0) {
+ *ignore = TRUE;
+ SAFE_FREE(tmp_path);
+ media_content_error("symbolic link(directory)");
+ media_content_sec_debug("path : %s", path);
+ return MEDIA_CONTENT_ERROR_INVALID_PARAMETER;
+ }
+ } else {
+ if (g_strcmp0(tmp_path, path) != 0) {
+ *ignore = TRUE;
+ SAFE_FREE(tmp_path);
+ media_content_error("symbolic link(directory)");
+ media_content_sec_debug("path : %s", path);
+ return MEDIA_CONTENT_ERROR_INVALID_PARAMETER;
+ }
+ }
+#endif
+ SAFE_FREE(tmp_path);
return MEDIA_CONTENT_ERROR_NONE;
}
projects / platform / core / api / media-content.git / commitdiff