From 12febfe9d0d4cd3fe2d667e6e6cacd420705537b Mon Sep 17 00:00:00 2001
From: Pawel Andruszkiewicz <p.andruszkie@samsung.com>
Date: Tue, 10 Nov 2015 09:20:42 +0100
Subject: [PATCH] [File] Added verification of file name.

[Verification] Code compiles, pass rate: 116/140.

Change-Id: Ic3a4133b800e315c8df396d234ab3f6adb978e61
Signed-off-by: Pawel Andruszkiewicz <p.andruszkie@samsung.com>
---
 src/file/js/DirectoryEntry.js | 13 ++++---------
 src/file/js/Entry.js          |  6 ++++++
 src/file/js/rootsUtils.js     | 16 +++++++++++++++-
 3 files changed, 25 insertions(+), 10 deletions(-)

diff --git a/src/file/js/DirectoryEntry.js b/src/file/js/DirectoryEntry.js
index 3e32e88..027c7a2 100644
--- a/src/file/js/DirectoryEntry.js
+++ b/src/file/js/DirectoryEntry.js
@@ -47,15 +47,10 @@ cordova.define('cordova-plugin-file.tizen.DirectoryEntry', function(require, exp
     var parent_path = absolute_path.substring(0, absolute_path.lastIndexOf('/'));
     var child_name = absolute_path.substring(absolute_path.lastIndexOf('/') + 1);
 
-    // http://www.w3.org/TR/2011/WD-file-system-api-20110419/#naming-restrictions
-    var disallowedCharacters = [ '/', '\\', '<', '>', ':', '?', '*', '"', '|' ];
-
-    for (var i = 0; i < disallowedCharacters.length; ++i) {
-      if (-1 !== child_name.indexOf(disallowedCharacters[i])) {
-        console.error('File name contains disallowed character: ' + disallowedCharacters[i]);
-        errorCallback && errorCallback(FileError.ENCODING_ERR);
-        return;
-      }
+    if (!rootsUtils.isValidFileName(child_name)) {
+      console.error('Disallowed character detected in file name: ' + child_name);
+      errorCallback && errorCallback(FileError.ENCODING_ERR);
+      return;
     }
 
     var resolveSuccess = function(dir) {
diff --git a/src/file/js/Entry.js b/src/file/js/Entry.js
index 68ebadc..e52695b 100644
--- a/src/file/js/Entry.js
+++ b/src/file/js/Entry.js
@@ -46,6 +46,12 @@ var changeFile = function(method, successCallback, errorCallback, args) {
   var name = args[2];
   var destURL = args[1] + ((args[1][args[1].length-1] === '/') ? '' : '/') + name;
 
+  if (!rootsUtils.isValidFileName(name)) {
+    console.error('Disallowed character detected in file name: ' + name);
+    errorCallback && errorCallback(FileError.ENCODING_ERR);
+    return;
+  }
+
   resolveParent (srcURL, errorCallback,
       function(srcFile, parentDir) {
           try {
diff --git a/src/file/js/rootsUtils.js b/src/file/js/rootsUtils.js
index 4a68bfd..7760557 100644
--- a/src/file/js/rootsUtils.js
+++ b/src/file/js/rootsUtils.js
@@ -116,6 +116,19 @@ var rootsUtils = (function() {
     return (fs.fullPath === getFullPath(uri));
   }
 
+  // http://www.w3.org/TR/2011/WD-file-system-api-20110419/#naming-restrictions
+  var disallowedCharacters = [ '/', '\\', '<', '>', ':', '?', '*', '"', '|' ];
+
+  function isValidFileName(name) {
+    for (var i = 0; i < disallowedCharacters.length; ++i) {
+      if (-1 !== name.indexOf(disallowedCharacters[i])) {
+        return false;
+      }
+    }
+
+    return true;
+  }
+
   return {
     getRoots: getRoots,
     findFilesystem: findFilesystem,
@@ -124,6 +137,7 @@ var rootsUtils = (function() {
     getNativeUrl: getNativeUrl,
     stripTrailingSlash: stripTrailingSlash,
     createEntry: createEntry,
-    isRootUri: isRootUri
+    isRootUri: isRootUri,
+    isValidFileName: isValidFileName
   };
 })();
-- 
2.34.1