From: Piotr Kosko Date: Wed, 18 Nov 2015 11:37:11 +0000 (+0100) Subject: [Filesystem] '.' and '..' paths are forbiden X-Git-Tag: submit/tizen/20160524.021316~1^2 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=40551bc8ad3f3d05f64da5cd1caba08825278e95;p=platform%2Fcore%2Fapi%2Fwebapi-plugins.git [Filesystem] '.' and '..' paths are forbiden [Verification] TCT passrate 100%. Checked in chrome console - resolving when path contain '/.' or '/..' directories causes error. Change-Id: I025c8177693a11ac8422a0ec91bf769ad930edfc Signed-off-by: Piotr Kosko Signed-off-by: bg.chun --- diff --git a/src/filesystem/js/common.js b/src/filesystem/js/common.js index 17fb69d9..754d0c48 100644 --- a/src/filesystem/js/common.js +++ b/src/filesystem/js/common.js @@ -116,6 +116,49 @@ var commonFS_ = (function() { return retStr; } + function removeDotsFromPath(str) { + if(str === undefined){ + return str; + } + + var _pathTokens = str.split('/'); + var _correctDir = []; + var _fileRealPath = _pathTokens[0]; + _correctDir.push(_pathTokens[0]); + for (var i = 1; i < _pathTokens.length; ++i) { + if(_pathTokens[i] == "..") { + if (_fileRealPath == '') { + _fileRealPath = undefined; + break; + } + var _lastDir = _correctDir.pop(); + _fileRealPath = _fileRealPath.substring(0, _fileRealPath.length - _lastDir.length - 1); + } else if(_pathTokens[i] != "."){ + _fileRealPath += '/' + _pathTokens[i]; + _correctDir.push(_pathTokens[i]); + } + } + return _fileRealPath; + } + + function checkPathWithoutDots(aPath) { + if (-1 !== aPath.indexOf('/../')) { + return false; + } + if (-1 !== aPath.indexOf('/./')) { + return false; + } + // check if path ends with '/.' or '/..' + if (aPath.match(/\/\.\.?$/)) { + return false; + } + // check if path starts with './' or '../' + if (aPath.match(/^\.\.?\//)) { + return false; + } + return true; + } + function toRealPath(aPath) { var _fileRealPath = ''; @@ -151,7 +194,9 @@ var commonFS_ = (function() { } else { _fileRealPath = aPath; } - + // this line makes that '.' and '..' is supported in paths, but each method handle those cases + // and return error (see commonFS_.checkPathWithoutDots() method) + _fileRealPath = removeDotsFromPath(_fileRealPath); return _fileRealPath; } @@ -303,6 +348,7 @@ var commonFS_ = (function() { return { clearCache: clearCache, + checkPathWithoutDots: checkPathWithoutDots, toRealPath: toRealPath, toVirtualPath: toVirtualPath, getFileInfo: getFileInfo, diff --git a/src/filesystem/js/file.js b/src/filesystem/js/file.js index 3d7cbb15..0c4a721e 100644 --- a/src/filesystem/js/file.js +++ b/src/filesystem/js/file.js @@ -373,6 +373,19 @@ function copyTo() { return; } + // Validation against '.' and '..' directories used in path - not allowed + var resultSource = commonFS_.checkPathWithoutDots(args.originFilePath); + var resultDestination = commonFS_.checkPathWithoutDots(args.destinationFilePath); + if (!resultSource || !resultDestination) { + // path contains dots - it is not allowed - return InvalidValuesError + setTimeout(function() { + native_.callIfPossible(args.onerror, + new WebAPIException(WebAPIException.INVALID_VALUES_ERR, + 'Path contains \'.\' or \'..\' - it is not allowed.')); + }, 0); + return; + } + var _realOriginalPath = commonFS_.toRealPath(args.originFilePath); var _realDestinationPath = commonFS_.toRealPath(args.destinationFilePath); @@ -512,6 +525,19 @@ function moveTo() { return; } + // Validation against '.' and '..' directories used in path - not allowed + var resultSource = commonFS_.checkPathWithoutDots(args.originFilePath); + var resultDestination = commonFS_.checkPathWithoutDots(args.destinationFilePath); + if (!resultSource || !resultDestination) { + // path contains dots - it is not allowed - return InvalidValuesError + setTimeout(function() { + native_.callIfPossible(args.onerror, + new WebAPIException(WebAPIException.INVALID_VALUES_ERR, + 'Path contains \'.\' or \'..\' - it is not allowed.')); + }, 0); + return; + } + var _realOriginalPath = commonFS_.toRealPath(args.originFilePath); var _realDestinationPath = commonFS_.toRealPath(args.destinationFilePath); @@ -609,8 +635,17 @@ function createDirectory() { var _newPath = this.fullPath + '/' + args.dirPath, _statObj, - _fileInfo, - _realNewPath = commonFS_.toRealPath(_newPath); + _fileInfo; + + // Validation against '.' and '..' directories used in path - not allowed + var result = commonFS_.checkPathWithoutDots(_newPath); + if (!result) { + // path contains dots - it is not allowed - return InvalidValuesError + throw new WebAPIException(WebAPIException.INVALID_VALUES_ERR, + 'Path contains \'.\' or \'..\' - it is not allowed.'); + } + + var _realNewPath = commonFS_.toRealPath(_newPath); if (!_realNewPath) { throw new WebAPIException(WebAPIException.INVALID_VALUES_ERR, 'Path is not valid'); @@ -668,6 +703,15 @@ function createFile() { } var _outputPath = this.fullPath + '/' + args.relativeFilePath; + + // Validation against '.' and '..' directories used in path - not allowed + var result = commonFS_.checkPathWithoutDots(_outputPath); + if (!result) { + // path contains dots - it is not allowed - return InvalidValuesError + throw new WebAPIException(WebAPIException.INVALID_VALUES_ERR, + 'Path contains \'.\' or \'..\' - it is not allowed.'); + } + var _outputRealPath = commonFS_.toRealPath(_outputPath); if (!_outputRealPath) { throw new WebAPIException(WebAPIException.INVALID_VALUES_ERR, 'Path is not valid'); @@ -714,6 +758,15 @@ function resolveFile() { } var _newPath = this.fullPath + '/' + args.filePath; + + // Validation against '.' and '..' directories used in path - not allowed + var result = commonFS_.checkPathWithoutDots(_newPath); + if (!result) { + // path contains dots - it is not allowed - return InvalidValuesError + throw new WebAPIException(WebAPIException.INVALID_VALUES_ERR, + 'Path contains \'.\' or \'..\' - it is not allowed.'); + } + var _realPath = commonFS_.toRealPath(_newPath); if (!_realPath) { @@ -755,6 +808,18 @@ function deleteDirectory() { return; } + // Validation against '.' and '..' directories used in path - not allowed + var result = commonFS_.checkPathWithoutDots(args.directoryPath); + if (!result) { + // path contains dots - it is not allowed - return InvalidValuesError + setTimeout(function() { + native_.callIfPossible(args.onerror, + new WebAPIException(WebAPIException.INVALID_VALUES_ERR, + 'Path contains \'.\' or \'..\' - it is not allowed.')); + }, 0); + return; + } + var _myPath = commonFS_.toRealPath(args.directoryPath); if (_myPath !== undefined && !commonFS_.f_isSubDir(_myPath, this.fullPath)) { @@ -842,6 +907,18 @@ function deleteFile() { return; } + // Validation against '.' and '..' directories used in path - not allowed + var result = commonFS_.checkPathWithoutDots(args.filePath); + if (!result) { + // path contains dots - it is not allowed - return InvalidValuesError + setTimeout(function() { + native_.callIfPossible(args.onerror, + new WebAPIException(WebAPIException.INVALID_VALUES_ERR, + 'Path contains \'.\' or \'..\' - it is not allowed.')); + }, 0); + return; + } + var _fileRealPath = commonFS_.toRealPath(args.filePath); var _result = native_.callSync('File_statSync', {location: _fileRealPath}); diff --git a/src/filesystem/js/file_system_manager.js b/src/filesystem/js/file_system_manager.js index 8f88862c..622f38d4 100755 --- a/src/filesystem/js/file_system_manager.js +++ b/src/filesystem/js/file_system_manager.js @@ -53,6 +53,18 @@ function resolve() { return; } + // Validation against '.' and '..' directories used in path - not allowed + var result = commonFS_.checkPathWithoutDots(args.location); + if (!result) { + // path contains dots - it is not allowed - return InvalidValuesError + setTimeout(function() { + native_.callIfPossible(args.onerror, + new WebAPIException(WebAPIException.INVALID_VALUES_ERR, + 'Path contains \'.\' or \'..\' - it is not allowed.')); + }, 0); + return; + } + var _realPath = commonFS_.toRealPath(args.location); if (!_realPath) {