Don't allow path traversal paths on the base file helpers

This forces explicit normalization of paths and make path escaping security bugs much harder to exploit. See for example bug 167122 BUG=168890 TEST=included tests Review URL: https://codereview.chromium.org/11782005 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@175642 0039d316-1c4b-4281-b951-d872f2087c98
author: cpu@chromium.org <cpu@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2013-01-09 00:38:59 +0000
committer: cpu@chromium.org <cpu@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2013-01-09 00:38:59 +0000
commit: 9fea5a9b229b6a114629c8787f614b2e9f1048fc (patch)
tree: a7c6e2a2fcf047e7951cf33e96047f0d511e8655 /base/platform_file_win.cc
parent: c79ca045d5c7e03eb5d9bd7e6bd42fff6cf169fb (diff)
download: chromium_src-9fea5a9b229b6a114629c8787f614b2e9f1048fc.zip
chromium_src-9fea5a9b229b6a114629c8787f614b2e9f1048fc.tar.gz
chromium_src-9fea5a9b229b6a114629c8787f614b2e9f1048fc.tar.bz2
1 files changed, 11 insertions, 12 deletions
diff --git a/base/platform_file_win.cc b/base/platform_file_win.cc
index 92f1c1f..7c72f9e 100644
--- a/base/platform_file_win.cc
+++ b/base/platform_file_win.cc
@@ -9,11 +9,10 @@
 #include "base/threading/thread_restrictions.h"
 
 namespace base {
-
-PlatformFile CreatePlatformFile(const FilePath& name,
-                                int flags,
-                                bool* created,
-                                PlatformFileError* error_code) {
+PlatformFile CreatePlatformFileUnsafe(const FilePath& name,
+                                      int flags,
+                                      bool* created,
+                                      PlatformFileError* error) {
   base::ThreadRestrictions::AssertIOAllowed();
 
   DWORD disposition = 0;
@@ -83,26 +82,26 @@ PlatformFile CreatePlatformFile(const FilePath& name,
       *created = true;
   }
 
-  if (error_code) {
+  if (error) {
     if (file != kInvalidPlatformFileValue)
-      *error_code = PLATFORM_FILE_OK;
+      *error = PLATFORM_FILE_OK;
     else {
       DWORD last_error = GetLastError();
       switch (last_error) {
         case ERROR_SHARING_VIOLATION:
-          *error_code = PLATFORM_FILE_ERROR_IN_USE;
+          *error = PLATFORM_FILE_ERROR_IN_USE;
           break;
         case ERROR_FILE_EXISTS:
-          *error_code = PLATFORM_FILE_ERROR_EXISTS;
+          *error = PLATFORM_FILE_ERROR_EXISTS;
           break;
         case ERROR_FILE_NOT_FOUND:
-          *error_code = PLATFORM_FILE_ERROR_NOT_FOUND;
+          *error = PLATFORM_FILE_ERROR_NOT_FOUND;
           break;
         case ERROR_ACCESS_DENIED:
-          *error_code = PLATFORM_FILE_ERROR_ACCESS_DENIED;
+          *error = PLATFORM_FILE_ERROR_ACCESS_DENIED;
           break;
         default:
-          *error_code = PLATFORM_FILE_ERROR_FAILED;
+          *error = PLATFORM_FILE_ERROR_FAILED;
       }
     }
   }
author	cpu@chromium.org <cpu@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2013-01-09 00:38:59 +0000
committer	cpu@chromium.org <cpu@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2013-01-09 00:38:59 +0000
commit	9fea5a9b229b6a114629c8787f614b2e9f1048fc (patch)
tree	a7c6e2a2fcf047e7951cf33e96047f0d511e8655 /base/platform_file_win.cc
parent	c79ca045d5c7e03eb5d9bd7e6bd42fff6cf169fb (diff)
download	chromium_src-9fea5a9b229b6a114629c8787f614b2e9f1048fc.zip chromium_src-9fea5a9b229b6a114629c8787f614b2e9f1048fc.tar.gz chromium_src-9fea5a9b229b6a114629c8787f614b2e9f1048fc.tar.bz2