Disallow links from being seen by the extensions via the fileapi.

This change is more of a hack at the moment, ideally we need to refactor file_util (and maybe a bit of file_path) to provide better ways to handle symlinks.
This fix prevents exploits reading arbitary files either through handled extension calls or our component extension.

BUG=chromium-os:15826
TEST=Verified that links do not show up when reading a directory in the file browser UI. Tests that specifically check for this will follow in subsequent checkins.

Review URL: http://codereview.chromium.org/7085005

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@87389 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 15 insertions, 0 deletions

diff --git a/base/file_util_posix.cc b/base/file_util_posix.cc
index 28d6a61..89487d4 100644
--- a/base/file_util_posix.cc
+++ b/base/file_util_posix.cc
@@ -522,6 +522,21 @@ bool CreateDirectory(const FilePath& full_path) {
   return true;
 }
 
+// TODO(rkc): Refactor GetFileInfo and FileEnumerator to handle symlinks
+// correctly. http://code.google.com/p/chromium-os/issues/detail?id=15948
+bool IsLink(const FilePath& file_path) {
+  struct stat st;
+  // If we can't lstat the file, it's safe to assume that the file won't at
+  // least be a 'followable' link.
+  if (lstat(file_path.value().c_str(), &st) != 0)
+    return false;
+
+  if (S_ISLNK(st.st_mode))
+    return true;
+  else
+    return false;
+}
+
 bool GetFileInfo(const FilePath& file_path, base::PlatformFileInfo* results) {
   stat_wrapper_t file_info;
   if (CallStat(file_path.value().c_str(), &file_info) != 0)