Merge pull request #3304 from owncloud/fix_bypass_fo_file_blacklist

Properly check file blacklist
This commit is contained in:
icewind1991 2013-05-10 06:15:34 -07:00
commit 5667d11f7d
2 changed files with 18 additions and 12 deletions

View File

@ -62,7 +62,9 @@ class Scanner {
* @return array with metadata of the scanned file
*/
public function scanFile($file, $checkExisting = false) {
if (!self::isIgnoredFile($file)) {
if ( ! self::isPartialFile($file)
and ! \OC\Files\Filesystem::isFileBlacklisted($file)
) {
\OC_Hook::emit('\OC\Files\Cache\Scanner', 'scan_file', array('path' => $file, 'storage' => $this->storageId));
$data = $this->getData($file);
if ($data) {
@ -166,10 +168,8 @@ class Scanner {
* @param String $file
* @return boolean
*/
public static function isIgnoredFile($file) {
if (pathinfo($file, PATHINFO_EXTENSION) === 'part'
|| \OC\Files\Filesystem::isFileBlacklisted($file)
) {
public static function isPartialFile($file) {
if (pathinfo($file, PATHINFO_EXTENSION) === 'part') {
return true;
}
return false;

View File

@ -263,12 +263,13 @@ class View {
if (is_resource($data)) { //not having to deal with streams in file_put_contents makes life easier
$absolutePath = Filesystem::normalizePath($this->getAbsolutePath($path));
if (\OC_FileProxy::runPreProxies('file_put_contents', $absolutePath, $data)
&& Filesystem::isValidPath($path)
and Filesystem::isValidPath($path)
and ! Filesystem::isFileBlacklisted($path)
) {
$path = $this->getRelativePath($absolutePath);
$exists = $this->file_exists($path);
$run = true;
if ($this->fakeRoot == Filesystem::getRoot() && !Cache\Scanner::isIgnoredFile($path)) {
if ($this->fakeRoot == Filesystem::getRoot() && !Cache\Scanner::isPartialFile($path)) {
if (!$exists) {
\OC_Hook::emit(
Filesystem::CLASSNAME,
@ -296,7 +297,7 @@ class View {
list ($count, $result) = \OC_Helper::streamCopy($data, $target);
fclose($target);
fclose($data);
if ($this->fakeRoot == Filesystem::getRoot() && !Cache\Scanner::isIgnoredFile($path)) {
if ($this->fakeRoot == Filesystem::getRoot() && !Cache\Scanner::isPartialFile($path)) {
if (!$exists) {
\OC_Hook::emit(
Filesystem::CLASSNAME,
@ -340,6 +341,7 @@ class View {
\OC_FileProxy::runPreProxies('rename', $absolutePath1, $absolutePath2)
and Filesystem::isValidPath($path2)
and Filesystem::isValidPath($path1)
and ! Filesystem::isFileBlacklisted($path2)
) {
$path1 = $this->getRelativePath($absolutePath1);
$path2 = $this->getRelativePath($absolutePath2);
@ -348,7 +350,7 @@ class View {
return false;
}
$run = true;
if ($this->fakeRoot == Filesystem::getRoot()) {
if ($this->fakeRoot == Filesystem::getRoot() && !Cache\Scanner::isPartialFile($path1)) {
\OC_Hook::emit(
Filesystem::CLASSNAME, Filesystem::signal_rename,
array(
@ -376,7 +378,7 @@ class View {
list($storage1, $internalPath1) = Filesystem::resolvePath($absolutePath1 . $postFix1);
$storage1->unlink($internalPath1);
}
if ($this->fakeRoot == Filesystem::getRoot()) {
if ($this->fakeRoot == Filesystem::getRoot() && !Cache\Scanner::isPartialFile($path1)) {
\OC_Hook::emit(
Filesystem::CLASSNAME,
Filesystem::signal_post_rename,
@ -404,6 +406,7 @@ class View {
\OC_FileProxy::runPreProxies('copy', $absolutePath1, $absolutePath2)
and Filesystem::isValidPath($path2)
and Filesystem::isValidPath($path1)
and ! Filesystem::isFileBlacklisted($path2)
) {
$path1 = $this->getRelativePath($absolutePath1);
$path2 = $this->getRelativePath($absolutePath2);
@ -606,7 +609,10 @@ class View {
private function basicOperation($operation, $path, $hooks = array(), $extraParam = null) {
$postFix = (substr($path, -1, 1) === '/') ? '/' : '';
$absolutePath = Filesystem::normalizePath($this->getAbsolutePath($path));
if (\OC_FileProxy::runPreProxies($operation, $absolutePath, $extraParam) and Filesystem::isValidPath($path)) {
if (\OC_FileProxy::runPreProxies($operation, $absolutePath, $extraParam)
and Filesystem::isValidPath($path)
and ! Filesystem::isFileBlacklisted($path)
) {
$path = $this->getRelativePath($absolutePath);
if ($path == null) {
return false;
@ -635,7 +641,7 @@ class View {
private function runHooks($hooks, $path, $post = false) {
$prefix = ($post) ? 'post_' : '';
$run = true;
if (Filesystem::$loaded and $this->fakeRoot == Filesystem::getRoot() && !Cache\Scanner::isIgnoredFile($path)) {
if (Filesystem::$loaded and $this->fakeRoot == Filesystem::getRoot()) {
foreach ($hooks as $hook) {
if ($hook != 'read') {
\OC_Hook::emit(