From: Pawel Andruszkiewicz Date: Wed, 29 Jul 2015 08:03:45 +0000 (+0200) Subject: [Filesystem] Additional security checks for copyTo() method. X-Git-Tag: submit/tizen_tv/20150803.021740^2^2~13 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=83a9ca4914db2cd3aae084ce6359ec41c7eb43dd;p=platform%2Fcore%2Fapi%2Fwebapi-plugins.git [Filesystem] Additional security checks for copyTo() method. Fixes: UTC_filesystem_copyTo_moveTo_error [Verification] [Verification] Wearable service UTC: 91/94 Mobile TCT: 289/289 Change-Id: I69e302b46643239ba608a7188927c30a1c758221 Signed-off-by: Pawel Andruszkiewicz --- diff --git a/src/filesystem/js/file.js b/src/filesystem/js/file.js index d7e10389..c7d80b18 100755 --- a/src/filesystem/js/file.js +++ b/src/filesystem/js/file.js @@ -408,6 +408,35 @@ File.prototype.copyTo = function(originFilePath, destinationFilePath, overwrite, _realDestinationPath = _realDestinationPath + _realOriginalPath.split('/').pop(); } + if (!args.overwrite) { + var resultNewPath = native_.callSync('File_statSync', {location: _realDestinationPath}); + if (native_.isSuccess(resultNewPath)) { + setTimeout(function() { + native_.callIfPossible(args.onerror, + new WebAPIException(WebAPIException.IO_ERR, 'Overwrite is not allowed')); + }, 0); + return; + } + } + + if (!commonFS_.f_isSubDir(_realOriginalPath, this.fullPath)) { + var m1 = 'Source file should be subdirectory of: ' + this.fullPath; + setTimeout(function() { + native_.callIfPossible(args.onerror, + new WebAPIException(WebAPIException.INVALID_VALUES_ERR, m1)); + }, 0); + return; + } + + if (!commonFS_.isLocationAllowed(_realDestinationPath)) { + var m2 = 'Destination is read only folder: ' + this.fullPath; + setTimeout(function() { + native_.callIfPossible(args.onerror, + new WebAPIException(WebAPIException.INVALID_VALUES_ERR, m2)); + }, 0); + return; + } + var data = { originFilePath: _realOriginalPath, destinationFilePath: _realDestinationPath,