summaryrefslogtreecommitdiffstats
path: root/webkit/fileapi/isolated_file_util.cc
diff options
context:
space:
mode:
authorkinuko@chromium.org <kinuko@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2012-06-19 02:17:55 +0000
committerkinuko@chromium.org <kinuko@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2012-06-19 02:17:55 +0000
commit272a9d1ba92670f109057e62f78d306e229ed22e (patch)
treef85b5dff4c19722a2398e0f028f676ef8a6e8a56 /webkit/fileapi/isolated_file_util.cc
parent8cdcd514a5a2cf20936bbb1b0ab497d1d01170c1 (diff)
downloadchromium_src-272a9d1ba92670f109057e62f78d306e229ed22e.zip
chromium_src-272a9d1ba92670f109057e62f78d306e229ed22e.tar.gz
chromium_src-272a9d1ba92670f109057e62f78d306e229ed22e.tar.bz2
Fix symbolic link handling in fileapi
In isolated file system: - disallows following symlinks in a directory / subdirectories - do not list symlinks in a directory / subdirectories - allows symlink access if the symlink file itself is selected (i.e. it's a top-level entry) In any other sandboxed file systems: - disallow symlink access at all (not only in ReadDirectory) Removes AbstractFileEnumerator::IsLink. BUG=none TEST=manually tested for isolated files (if a symlink file is dropped it should be viewable, but if a directory is dropped which contains symlinks those symlinks should not be listed/viewable). Review URL: https://chromiumcodereview.appspot.com/10557035 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@142899 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'webkit/fileapi/isolated_file_util.cc')
-rw-r--r--webkit/fileapi/isolated_file_util.cc13
1 files changed, 7 insertions, 6 deletions
diff --git a/webkit/fileapi/isolated_file_util.cc b/webkit/fileapi/isolated_file_util.cc
index 2fee166..aae8cef 100644
--- a/webkit/fileapi/isolated_file_util.cc
+++ b/webkit/fileapi/isolated_file_util.cc
@@ -46,7 +46,6 @@ class SetFileEnumerator : public FileSystemFileUtil::AbstractFileEnumerator {
virtual base::Time LastModifiedTime() OVERRIDE {
return file_info_.last_modified;
}
- virtual bool IsLink() OVERRIDE { return file_info_.is_symbolic_link; }
private:
std::vector<FilePath> paths_;
@@ -86,6 +85,9 @@ class PathConverterEnumerator
virtual FilePath Next() OVERRIDE {
DCHECK(wrapped_.get());
FilePath path = wrapped_->Next();
+ // Don't return symlinks in subdirectories.
+ while (!path.empty() && file_util::IsLink(path))
+ path = wrapped_->Next();
if (path.empty())
return path;
FilePath virtual_path = virtual_base_path_;
@@ -97,7 +99,6 @@ class PathConverterEnumerator
virtual base::Time LastModifiedTime() OVERRIDE {
return wrapped_->LastModifiedTime();
}
- virtual bool IsLink() OVERRIDE { return wrapped_->IsLink(); }
private:
scoped_ptr<FileSystemFileUtil::AbstractFileEnumerator> wrapped_;
@@ -135,10 +136,6 @@ class RecursiveSetFileEnumerator
DCHECK(current_enumerator_.get());
return current_enumerator_->LastModifiedTime();
}
- virtual bool IsLink() OVERRIDE {
- DCHECK(current_enumerator_.get());
- return current_enumerator_->IsLink();
- }
private:
FilePath virtual_base_path_;
@@ -229,6 +226,10 @@ PlatformFileError IsolatedFileUtil::GetFileInfo(
}
base::PlatformFileError error =
NativeFileUtil::GetFileInfo(cracked_path, file_info);
+ if (file_util::IsLink(cracked_path) && !FilePath().IsParent(cracked_path)) {
+ // Don't follow symlinks unless it's the one that are selected by the user.
+ return base::PLATFORM_FILE_ERROR_NOT_FOUND;
+ }
if (error == base::PLATFORM_FILE_OK)
*platform_path = cracked_path;
return error;
generated by cgit v1.1 at 2025-02-12 02:12:10 +0000