From 53b941ffca00a9cc12d3207280f179f16452cbba Mon Sep 17 00:00:00 2001 From: Pawel Wasowski Date: Fri, 7 Jul 2017 18:02:53 +0200 Subject: [PATCH] [EXIF] Fix privilege issue Problem: implementation of getExifInfo() used Web API filesystem resolve() function to check, if file exists on the device. Use of this function required declaring http://tizen.org/privilege/filesystem.read. File existence checking has been implemented in EXIF plugin and does not require declaring any additional privileges. [Verification] TCT EXIF: 100% pass rate, manuall tests with Chrome DevTools did not show any problems Change-Id: Id9d19965eddb31902f14817eac0bd5ad897f1568 Signed-off-by: Pawel Wasowski --- src/common/tools.cc | 55 +++++++++++++++++++++++++++++++++++++++ src/common/tools.h | 6 +++++ src/exif/exif_api.js | 21 ++------------- src/exif/exif_instance.cc | 16 ++++++++++++ 4 files changed, 79 insertions(+), 19 deletions(-) diff --git a/src/common/tools.cc b/src/common/tools.cc index 638352f6..cd8beeaa 100644 --- a/src/common/tools.cc +++ b/src/common/tools.cc @@ -19,6 +19,7 @@ #include #include #include +#include #ifdef PRIVILEGE_USE_DB #include 
@@ -480,5 +481,59 @@ char* BinToHex(const unsigned char* bin, int size, char* hex, int hex_size) { return hex; } +bool IsPathValid(const std::string& path) { + LoggerD("Enter"); + + /* + * Directory dot-referencing is not allowed + */ + return std::string::npos == path.find("/../") && + std::string::npos == path.find("/./") && + 0 != path.find("./") && + 0 != path.find("../") && + path.length() - 2 != path.rfind("/.") && + path.length() - 3 != path.rfind("/.."); +} + +PlatformResult CheckFileStatus(const std::string& path) { + LoggerD("Enter"); + + struct stat buf; + + if (stat(path.c_str(), &buf)) { + LoggerD("Failed to stat path: %s", path.c_str()); + + if (ENOENT == errno) { + return PlatformResult(ErrorCode::NOT_FOUND_ERR, "File does not exist: " + path); + } else if (EACCES == errno) { + return PlatformResult(ErrorCode::IO_ERR, "The user cannot access the file: " + path); + } + + LoggerD("stat() error: %s", common::tools::GetErrorString(errno).c_str()); + return PlatformResult(ErrorCode::UNKNOWN_ERR, "Cannot get status of the file: " + path); + } + + if (!S_ISREG(buf.st_mode)) { + return PlatformResult(ErrorCode::NOT_FOUND_ERR, "Path does not point to a regular file: " + + path); + } + + if (!(S_IRUSR & buf.st_mode)) { + return PlatformResult(ErrorCode::IO_ERR, "The user cannot read the file: " + path); + } + + return PlatformResult(ErrorCode::NO_ERROR); +} + +PlatformResult CheckFileAvailability(const std::string& path) { + LoggerD("Enter"); + + if (!IsPathValid(path)) { + return PlatformResult(ErrorCode::INVALID_VALUES_ERR, "Invalid path: " + path); + } + + return CheckFileStatus(path); +} + } // namespace tools } // namespace common diff --git a/src/common/tools.h b/src/common/tools.h index 5d8eec64..fc905ec1 100644 --- a/src/common/tools.h +++ b/src/common/tools.h 
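Review bot: In `CheckFileStatus`, `S_IRUSR & buf.st_mode` tests the owner's read bit rather than whether the calling process can read the file, so a file owned by another user with mode 0400 passes while a group- or world-readable file without the owner bit is rejected. The file is opened later, outside this hunk, so the result is only advisory; the test could become `if (0 != access(path.c_str(), R_OK))`, or be dropped in favour of handling the error from the real open. Separately, in `IsPathValid` the unsigned expressions `path.length() - 2` and `path.length() - 3` wrap for one- and two-character paths and then compare equal to `std::string::npos`, so such paths are reported invalid even without dot segments; guarding each comparison, e.g. `(path.length() < 2 || path.length() - 2 != path.rfind("/."))`, avoids that. The distinct "does not exist" / "cannot access" / "not a regular file" results also tell a caller without the filesystem privilege whether a given path exists, which is worth confirming as intended.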
@@ -85,6 +85,12 @@ int HexToInt(char c); unsigned char* HexToBin(const char* hex, int size, unsigned char* bin, int bin_size); char* BinToHex(const unsigned char* bin, int size, char* hex, int hex_size); +bool IsPathValid(const std::string& path); + +PlatformResult CheckFileStatus(const std::string& path); + +PlatformResult CheckFileAvailability(const std::string& path); + } // namespace tools } // namespace common diff --git a/src/exif/exif_api.js b/src/exif/exif_api.js index d209d8ac..3040336f 100644 --- a/src/exif/exif_api.js +++ b/src/exif/exif_api.js @@ -205,7 +205,6 @@ ExifManager.prototype.getExifInfo = function() { if (native_.isFailure(result)) { native_.callIfPossible(args.errorCallback, native_.getErrorObject(result)); } else { - // call to c++ code. Fields that do not exist are undefined. var exifInfoNative = native_.getResultObject(result); @@ -218,15 +217,7 @@ ExifManager.prototype.getExifInfo = function() { } }; - tizen.filesystem.resolve(args.uri, - function() { - native_.call('ExifManager_getExifInfo', {'uri': args.uri}, callback); - }, - function() { - native_.callIfPossible(args.errorCallback, new WebAPIException( - WebAPIException.NOT_FOUND_ERR, - 'File can not be found.')); - }); + native_.call('ExifManager_getExifInfo', {'uri': args.uri}, callback); }; ExifManager.prototype.saveExifInfo = function() { @@ -316,15 +307,7 @@ ExifManager.prototype.getThumbnail = function() { } }; - tizen.filesystem.resolve(args.uri, - function() { - native_.call('ExifManager_getThumbnail', {'uri': args.uri}, _callback); - }, - function() { - native_.callIfPossible(args.errorCallback, new WebAPIException( - WebAPIException.NOT_FOUND_ERR, - 'File can not be found.')); - }); + native_.call('ExifManager_getThumbnail', {'uri': args.uri}, _callback); }; tizen.ExifInformation = function() { diff --git a/src/exif/exif_instance.cc b/src/exif/exif_instance.cc index 8be6a26e..6f0101af 100755 --- a/src/exif/exif_instance.cc +++ b/src/exif/exif_instance.cc 
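Review bot: With the `tizen.filesystem.resolve()` wrapper gone from `getExifInfo` (and likewise from `getThumbnail` in the following hunk), `args.uri` reaches `native_.call` with no JavaScript-side check, so every restriction resolve() applied must now exist in the native handler. Per the commit description, resolve() was the call that required the filesystem.read privilege. If it also confined paths to the permitted filesystem roots (not visible here), the native `CheckFileAvailability` added in this patch does not replace that, because it only rejects dot segments and stats the file. A short comment at both call sites would record where the check now lives, e.g. `// existence and path validation are performed natively by ExifManager_getExifInfo`.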
@@ -26,6 +26,7 @@ #include "common/logger.h" #include "common/platform_result.h" #include "common/task-queue.h" +#include "common/tools.h" #include "exif/exif_information.h" #include "exif/exif_util.h" @@ -62,6 +63,13 @@ void ExifInstance::ExifManagerGetExifInfo(const picojson::value& args, picojson: PlatformResult status(ErrorCode::NO_ERROR); const std::string &file_path = ExifUtil::convertUriToPath(uri); + + PlatformResult fileAvailability(common::tools::CheckFileAvailability(file_path)); + if (!fileAvailability) { + LogAndReportError(fileAvailability, &response->get()); + return; + } + LoggerD("file_path = %s", file_path.c_str()); status = GetExifInfo::LoadFromURI(uri, &result); @@ -128,6 +136,14 @@ void ExifInstance::ExifManagerGetThumbnail(const picojson::value& args, JsonValue result = JsonValue(JsonObject()); JsonObject &result_obj = result.get(); + PlatformResult fileAvailability(common::tools::CheckFileAvailability(file_path)); + if (!fileAvailability) { + LogAndReportError(fileAvailability, &response->get()); + return; + } + + LoggerD("file_path = %s", file_path.c_str()); + std::string ext = file_path.substr(file_path.find_last_of(".") + 1); std::transform(ext.begin(), ext.end(), ext.begin(), ::tolower); -- 2.34.1
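Review bot: In `ExifManagerGetExifInfo` the new check validates `file_path`, but the load on the following context line still takes the raw `uri` (`GetExifInfo::LoadFromURI(uri, &result)`), so the value that was checked is not the value that gets opened. If `LoadFromURI` derives the path differently from `ExifUtil::convertUriToPath` (its body is not part of this patch), a URI could pass the dot-segment check and still resolve to another location. Loading from the already validated path, or adding a comment that both use the same conversion, would close that gap. The check is also a stat-then-open sequence, so the later open must still handle a file that has since disappeared or become unreadable. The same check is added to `ExifManagerGetThumbnail` in the next hunk; both functions start and end outside the hunks.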