mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #4719 from owncloud/port_4701_master 

Always check variable type before using readdir to avoid surprises
This commit is contained in:
Thomas Müller 2013-09-12 15:44:20 -07:00
parent c7ca86799b c01675de5d
commit d5ddbfb045
20 changed files with 215 additions and 171 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

95
apps/files_encryption/lib/util.php
View File

@ -329,72 +329,73 @@ class Util {
$this->view->is_dir($directory) $this->view->is_dir($directory)
&& $handle = $this->view->opendir($directory) && $handle = $this->view->opendir($directory)
) { ) {
if(is_resource($handle)) {
while (false !== ($file = readdir($handle))) {
while (false !== ($file = readdir($handle))) { if (
$file !== "."
&& $file !== ".."
) {
if ( $filePath = $directory . '/' . $this->view->getRelativePath('/' . $file);
$file !== "." $relPath = \OCA\Encryption\Helper::stripUserFilesPath($filePath);
&& $file !== ".."
) {
$filePath = $directory . '/' . $this->view->getRelativePath('/' . $file); // If the path is a directory, search
$relPath = \OCA\Encryption\Helper::stripUserFilesPath($filePath); // its contents
if ($this->view->is_dir($filePath)) {
// If the path is a directory, search $this->findEncFiles($filePath, $found);
// its contents
if ($this->view->is_dir($filePath)) {
$this->findEncFiles($filePath, $found); // If the path is a file, determine
// its encryption status
} elseif ($this->view->is_file($filePath)) {
// If the path is a file, determine // Disable proxies again, some-
// its encryption status // where they got re-enabled :/
} elseif ($this->view->is_file($filePath)) { \OC_FileProxy::$enabled = false;
// Disable proxies again, some- $isEncryptedPath = $this->isEncryptedPath($filePath);
// where they got re-enabled :/ // If the file is encrypted
\OC_FileProxy::$enabled = false; // NOTE: If the userId is
// empty or not set, file will
// detected as plain
// NOTE: This is inefficient;
// scanning every file like this
// will eat server resources :(
if (
Keymanager::getFileKey($this->view, $this->userId, $relPath)
&& $isEncryptedPath
) {
$isEncryptedPath = $this->isEncryptedPath($filePath); $found['encrypted'][] = array(
// If the file is encrypted 'name' => $file,
// NOTE: If the userId is 'path' => $filePath
// empty or not set, file will );
// detected as plain
// NOTE: This is inefficient;
// scanning every file like this
// will eat server resources :(
if (
Keymanager::getFileKey($this->view, $this->userId, $relPath)
&& $isEncryptedPath
) {
$found['encrypted'][] = array( // If the file uses old
'name' => $file, // encryption system
'path' => $filePath } elseif (Crypt::isLegacyEncryptedContent($isEncryptedPath, $relPath)) {
);
// If the file uses old $found['legacy'][] = array(
// encryption system 'name' => $file,
} elseif (Crypt::isLegacyEncryptedContent($isEncryptedPath, $relPath)) { 'path' => $filePath
);
$found['legacy'][] = array( // If the file is not encrypted
'name' => $file, } else {
'path' => $filePath
);
// If the file is not encrypted $found['plain'][] = array(
} else { 'name' => $file,
'path' => $relPath
);
$found['plain'][] = array( }
'name' => $file,
'path' => $relPath
);
} }
} }
} }
} }
\OC_FileProxy::$enabled = true; \OC_FileProxy::$enabled = true;

39
apps/files_external/lib/amazons3.php
View File

@ -183,17 +183,20 @@ class AmazonS3 extends \OC\Files\Storage\Common {
} }
$dh = $this->opendir($path); $dh = $this->opendir($path);
while (($file = readdir($dh)) !== false) {
if ($file === '.' || $file === '..') {
continue;
}
if ($this->is_dir($path . '/' . $file)) { if(is_resource($dh)) {
$this->rmdir($path . '/' . $file); while (($file = readdir($dh)) !== false) {
} else { if ($file === '.' || $file === '..') {
$this->unlink($path . '/' . $file); continue;
}
if ($this->is_dir($path . '/' . $file)) {
$this->rmdir($path . '/' . $file);
} else {
$this->unlink($path . '/' . $file);
}
} }
} }
try { try {
$result = $this->connection->deleteObject(array( $result = $this->connection->deleteObject(array(
@ -464,15 +467,17 @@ class AmazonS3 extends \OC\Files\Storage\Common {
} }
$dh = $this->opendir($path1); $dh = $this->opendir($path1);
while (($file = readdir($dh)) !== false) { if(is_resource($dh)) {
if ($file === '.' || $file === '..') { while (($file = readdir($dh)) !== false) {
continue; if ($file === '.' || $file === '..') {
} continue;
}
$source = $path1 . '/' . $file; $source = $path1 . '/' . $file;
$target = $path2 . '/' . $file; $target = $path2 . '/' . $file;
$this->copy($source, $target); $this->copy($source, $target);
} }
}
} }
return true; return true;

2
apps/files_external/lib/config.php
View File

@ -378,7 +378,7 @@ class OC_Mount_Config {
} }
$result = array(); $result = array();
$handle = opendir($path); $handle = opendir($path);
if ( ! $handle) { if(!is_resource($handle)) {
return array(); return array();
} }
while (false !== ($file = readdir($handle))) { while (false !== ($file = readdir($handle))) {

12
apps/files_external/lib/google.php
View File

@ -206,14 +206,16 @@ class Google extends \OC\Files\Storage\Common {
public function rmdir($path) { public function rmdir($path) {
if (trim($path, '/') === '') { if (trim($path, '/') === '') {
$dir = $this->opendir($path); $dir = $this->opendir($path);
while (($file = readdir($dh)) !== false) { if(is_resource($dir)) {
if (!\OC\Files\Filesystem::isIgnoredDir($file)) { while (($file = readdir($dir)) !== false) {
if (!$this->unlink($path.'/'.$file)) { if (!\OC\Files\Filesystem::isIgnoredDir($file)) {
return false; if (!$this->unlink($path.'/'.$file)) {
return false;
}
} }
} }
closedir($dir);
} }
closedir($dir);
$this->driveFiles = array(); $this->driveFiles = array();
return true; return true;
} else { } else {

12
apps/files_external/lib/irods.php
View File

@ -138,11 +138,13 @@ class iRODS extends \OC\Files\Storage\StreamWrapper{
private function collectionMTime($path) { private function collectionMTime($path) {
$dh = $this->opendir($path); $dh = $this->opendir($path);
$lastCTime = $this->filemtime($path); $lastCTime = $this->filemtime($path);
while (($file = readdir($dh)) !== false) { if(is_resource($dh)) {
if ($file != '.' and $file != '..') { while (($file = readdir($dh)) !== false) {
$time = $this->filemtime($file); if ($file != '.' and $file != '..') {
if ($time > $lastCTime) { $time = $this->filemtime($file);
$lastCTime = $time; if ($time > $lastCTime) {
$lastCTime = $time;
}
} }
} }
} }

12
apps/files_external/lib/smb.php
View File

@ -99,11 +99,13 @@ class SMB extends \OC\Files\Storage\StreamWrapper{
private function shareMTime() { private function shareMTime() {
$dh=$this->opendir(''); $dh=$this->opendir('');
$lastCtime=0; $lastCtime=0;
while (($file = readdir($dh)) !== false) { if(is_resource($dh)) {
if ($file!='.' and $file!='..') { while (($file = readdir($dh)) !== false) {
$ctime=$this->filemtime($file); if ($file!='.' and $file!='..') {
if ($ctime>$lastCtime) { $ctime=$this->filemtime($file);
$lastCtime=$ctime; if ($ctime>$lastCtime) {
$lastCtime=$ctime;
}
} }
} }
} }

3
apps/files_sharing/lib/sharedstorage.php
View File

@ -221,7 +221,8 @@ class Shared extends \OC\Files\Storage\Common {
public function filemtime($path) { public function filemtime($path) {
if ($path == '' || $path == '/') { if ($path == '' || $path == '/') {
$mtime = 0; $mtime = 0;
if ($dh = $this->opendir($path)) { $dh = $this->opendir($path);
if(is_resource($dh)) {
while (($filename = readdir($dh)) !== false) { while (($filename = readdir($dh)) !== false) {
$tempmtime = $this->filemtime($filename); $tempmtime = $this->filemtime($filename);
if ($tempmtime > $mtime) { if ($tempmtime > $mtime) {

31
apps/files_trashbin/index.php
View File

@ -23,23 +23,24 @@ if ($dir) {
$dirlisting = true; $dirlisting = true;
$dirContent = $view->opendir($dir); $dirContent = $view->opendir($dir);
$i = 0; $i = 0;
while(($entryName = readdir($dirContent)) !== false) { if(is_resource($dirContent)) {
if (!\OC\Files\Filesystem::isIgnoredDir($entryName)) { while(($entryName = readdir($dirContent)) !== false) {
$pos = strpos($dir.'/', '/', 1); if (!\OC\Files\Filesystem::isIgnoredDir($entryName)) {
$tmp = substr($dir, 0, $pos); $pos = strpos($dir.'/', '/', 1);
$pos = strrpos($tmp, '.d'); $tmp = substr($dir, 0, $pos);
$timestamp = substr($tmp, $pos+2); $pos = strrpos($tmp, '.d');
$result[] = array( $timestamp = substr($tmp, $pos+2);
'id' => $entryName, $result[] = array(
'timestamp' => $timestamp, 'id' => $entryName,
'mime' => $view->getMimeType($dir.'/'.$entryName), 'timestamp' => $timestamp,
'type' => $view->is_dir($dir.'/'.$entryName) ? 'dir' : 'file', 'mime' => $view->getMimeType($dir.'/'.$entryName),
'location' => $dir, 'type' => $view->is_dir($dir.'/'.$entryName) ? 'dir' : 'file',
); 'location' => $dir,
);
}
} }
closedir($dirContent);
} }
closedir($dirContent);
} else { } else {
$dirlisting = false; $dirlisting = false;
$query = \OC_DB::prepare('SELECT `id`,`location`,`timestamp`,`type`,`mime` FROM `*PREFIX*files_trash` WHERE `user` = ?'); $query = \OC_DB::prepare('SELECT `id`,`location`,`timestamp`,`type`,`mime` FROM `*PREFIX*files_trash` WHERE `user` = ?');

10
lib/app.php
View File

@ -667,14 +667,16 @@ class OC_App{
} }
$dh = opendir( $apps_dir['path'] ); $dh = opendir( $apps_dir['path'] );
while (($file = readdir($dh)) !== false) { if(is_resource($dh)) {
while (($file = readdir($dh)) !== false) {
if ($file[0] != '.' and is_file($apps_dir['path'].'/'.$file.'/appinfo/app.php')) { if ($file[0] != '.' and is_file($apps_dir['path'].'/'.$file.'/appinfo/app.php')) {
$apps[] = $file; $apps[] = $file;
}
} }
} }
} }

3
lib/archive.php
View File

@ -119,7 +119,8 @@ abstract class OC_Archive{
* @return bool * @return bool
*/ */
function addRecursive($path, $source) { function addRecursive($path, $source) {
if($dh=opendir($source)) { $dh = opendir($source);
if(is_resource($dh)) {
$this->addFolder($path); $this->addFolder($path);
while (($file = readdir($dh)) !== false) { while (($file = readdir($dh)) !== false) {
if($file=='.' or $file=='..') { if($file=='.' or $file=='..') {

11
lib/cache/file.php vendored
View File

@ -80,9 +80,11 @@ class OC_Cache_File{
$storage = $this->getStorage(); $storage = $this->getStorage();
if($storage and $storage->is_dir('/')) { if($storage and $storage->is_dir('/')) {
$dh=$storage->opendir('/'); $dh=$storage->opendir('/');
while (($file = readdir($dh)) !== false) { if(is_resource($dh)) {
if($file!='.' and $file!='..' and ($prefix==='' || strpos($file, $prefix) === 0)) { while (($file = readdir($dh)) !== false) {
$storage->unlink('/'.$file); if($file!='.' and $file!='..' and ($prefix==='' || strpos($file, $prefix) === 0)) {
$storage->unlink('/'.$file);
}
} }
} }
} }
@ -94,6 +96,9 @@ class OC_Cache_File{
if($storage and $storage->is_dir('/')) { if($storage and $storage->is_dir('/')) {
$now = time(); $now = time();
$dh=$storage->opendir('/'); $dh=$storage->opendir('/');
if(!is_resource($dh)) {
return null;
}
while (($file = readdir($dh)) !== false) { while (($file = readdir($dh)) !== false) {
if($file!='.' and $file!='..') { if($file!='.' and $file!='..') {
$mtime = $storage->filemtime('/'.$file); $mtime = $storage->filemtime('/'.$file);

20
lib/cache/fileglobal.php vendored
View File

@ -69,9 +69,11 @@ class OC_Cache_FileGlobal{
$prefix = $this->fixKey($prefix); $prefix = $this->fixKey($prefix);
if($cache_dir and is_dir($cache_dir)) { if($cache_dir and is_dir($cache_dir)) {
$dh=opendir($cache_dir); $dh=opendir($cache_dir);
while (($file = readdir($dh)) !== false) { if(is_resource($dh)) {
if($file!='.' and $file!='..' and ($prefix==='' || strpos($file, $prefix) === 0)) { while (($file = readdir($dh)) !== false) {
unlink($cache_dir.$file); if($file!='.' and $file!='..' and ($prefix==='' || strpos($file, $prefix) === 0)) {
unlink($cache_dir.$file);
}
} }
} }
} }
@ -88,11 +90,13 @@ class OC_Cache_FileGlobal{
$cache_dir = self::getCacheDir(); $cache_dir = self::getCacheDir();
if($cache_dir and is_dir($cache_dir)) { if($cache_dir and is_dir($cache_dir)) {
$dh=opendir($cache_dir); $dh=opendir($cache_dir);
while (($file = readdir($dh)) !== false) { if(is_resource($dh)) {
if($file!='.' and $file!='..') { while (($file = readdir($dh)) !== false) {
$mtime = filemtime($cache_dir.$file); if($file!='.' and $file!='..') {
if ($mtime < $now) { $mtime = filemtime($cache_dir.$file);
unlink($cache_dir.$file); if ($mtime < $now) {
unlink($cache_dir.$file);
}
} }
} }
} }

8
lib/connector/sabre/objecttree.php
View File

@ -88,11 +88,13 @@ class ObjectTree extends \Sabre_DAV_ObjectTree {
} else { } else {
Filesystem::mkdir($destination); Filesystem::mkdir($destination);
$dh = Filesystem::opendir($source); $dh = Filesystem::opendir($source);
while (($subnode = readdir($dh)) !== false) { if(is_resource($dh)) {
while (($subnode = readdir($dh)) !== false) {
if ($subnode == '.' || $subnode == '..') continue; if ($subnode == '.' || $subnode == '..') continue;
$this->copy($source . '/' . $subnode, $destination . '/' . $subnode); $this->copy($source . '/' . $subnode, $destination . '/' . $subnode);
}
} }
} }

28
lib/files/cache/scanner.php vendored
View File

@ -159,20 +159,22 @@ class Scanner extends BasicEmitter {
$newChildren = array(); $newChildren = array();
if ($this->storage->is_dir($path) && ($dh = $this->storage->opendir($path))) { if ($this->storage->is_dir($path) && ($dh = $this->storage->opendir($path))) {
\OC_DB::beginTransaction(); \OC_DB::beginTransaction();
while (($file = readdir($dh)) !== false) { if(is_resource($dh)) {
$child = ($path) ? $path . '/' . $file : $file; while (($file = readdir($dh)) !== false) {
if (!Filesystem::isIgnoredDir($file)) { $child = ($path) ? $path . '/' . $file : $file;
$newChildren[] = $file; if (!Filesystem::isIgnoredDir($file)) {
$data = $this->scanFile($child, $reuse, true); $newChildren[] = $file;
if ($data) { $data = $this->scanFile($child, $reuse, true);
if ($data['size'] === -1) { if ($data) {
if ($recursive === self::SCAN_RECURSIVE) { if ($data['size'] === -1) {
$childQueue[] = $child; if ($recursive === self::SCAN_RECURSIVE) {
} else { $childQueue[] = $child;
$size = -1; } else {
$size = -1;
}
} else if ($size !== -1) {
$size += $data['size'];
} }
} else if ($size !== -1) {
$size += $data['size'];
} }
} }
} }

21
lib/files/storage/common.php
View File

@ -142,13 +142,15 @@ abstract class Common implements \OC\Files\Storage\Storage {
return false; return false;
} else { } else {
$directoryHandle = $this->opendir($directory); $directoryHandle = $this->opendir($directory);
while (($contents = readdir($directoryHandle)) !== false) { if(is_resource($directoryHandle)) {
if (!\OC\Files\Filesystem::isIgnoredDir($contents)) { while (($contents = readdir($directoryHandle)) !== false) {
$path = $directory . '/' . $contents; if (!\OC\Files\Filesystem::isIgnoredDir($contents)) {
if ($this->is_dir($path)) { $path = $directory . '/' . $contents;
$this->deleteAll($path); if ($this->is_dir($path)) {
} else { $this->deleteAll($path);
$this->unlink($path); } else {
$this->unlink($path);
}
} }
} }
} }
@ -224,7 +226,8 @@ abstract class Common implements \OC\Files\Storage\Storage {
} }
private function addLocalFolder($path, $target) { private function addLocalFolder($path, $target) {
if ($dh = $this->opendir($path)) { $dh = $this->opendir($path);
if(is_resource($dh)) {
while (($file = readdir($dh)) !== false) { while (($file = readdir($dh)) !== false) {
if ($file !== '.' and $file !== '..') { if ($file !== '.' and $file !== '..') {
if ($this->is_dir($path . '/' . $file)) { if ($this->is_dir($path . '/' . $file)) {
@ -242,7 +245,7 @@ abstract class Common implements \OC\Files\Storage\Storage {
protected function searchInDir($query, $dir = '') { protected function searchInDir($query, $dir = '') {
$files = array(); $files = array();
$dh = $this->opendir($dir); $dh = $this->opendir($dir);
if ($dh) { if (is_resource($dh)) {
while (($item = readdir($dh)) !== false) { while (($item = readdir($dh)) !== false) {
if ($item == '.' || $item == '..') continue; if ($item == '.' || $item == '..') continue;
if (strstr(strtolower($item), strtolower($query)) !== false) { if (strstr(strtolower($item), strtolower($query)) !== false) {

20
lib/files/storage/mappedlocal.php
View File

@ -65,16 +65,18 @@ class MappedLocal extends \OC\Files\Storage\Common{
$logicalPath = $this->mapper->physicalToLogic($physicalPath); $logicalPath = $this->mapper->physicalToLogic($physicalPath);
$dh = opendir($physicalPath); $dh = opendir($physicalPath);
while (($file = readdir($dh)) !== false) { if(is_resource($dh)) {
if ($file === '.' or $file === '..') { while (($file = readdir($dh)) !== false) {
continue; if ($file === '.' or $file === '..') {
continue;
}
$logicalFilePath = $this->mapper->physicalToLogic($physicalPath.'/'.$file);
$file= $this->mapper->stripRootFolder($logicalFilePath, $logicalPath);
$file = $this->stripLeading($file);
$files[]= $file;
} }
$logicalFilePath = $this->mapper->physicalToLogic($physicalPath.'/'.$file);
$file= $this->mapper->stripRootFolder($logicalFilePath, $logicalPath);
$file = $this->stripLeading($file);
$files[]= $file;
} }
\OC\Files\Stream\Dir::register('local-win32'.$path, $files); \OC\Files\Stream\Dir::register('local-win32'.$path, $files);

8
lib/files/view.php
View File

@ -500,9 +500,11 @@ class View {
} else { } else {
if ($this->is_dir($path1) && ($dh = $this->opendir($path1))) { if ($this->is_dir($path1) && ($dh = $this->opendir($path1))) {
$result = $this->mkdir($path2); $result = $this->mkdir($path2);
while (($file = readdir($dh)) !== false) { if(is_resource($dh)) {
if (!Filesystem::isIgnoredDir($file)) { while (($file = readdir($dh)) !== false) {
$result = $this->copy($path1 . '/' . $file, $path2 . '/' . $file); if (!Filesystem::isIgnoredDir($file)) {
$result = $this->copy($path1 . '/' . $file, $path2 . '/' . $file);
}
} }
} }
} else { } else {

28
lib/helper.php
View File

@ -349,17 +349,19 @@ class OC_Helper {
if (!is_dir($path)) if (!is_dir($path))
return chmod($path, $filemode); return chmod($path, $filemode);
$dh = opendir($path); $dh = opendir($path);
while (($file = readdir($dh)) !== false) { if(is_resource($dh)) {
if ($file != '.' && $file != '..') { while (($file = readdir($dh)) !== false) {
$fullpath = $path . '/' . $file; if ($file != '.' && $file != '..') {
if (is_link($fullpath)) $fullpath = $path . '/' . $file;
return false; if (is_link($fullpath))
elseif (!is_dir($fullpath) && !@chmod($fullpath, $filemode)) return false;
return false; elseif (!self::chmodr($fullpath, $filemode)) elseif (!is_dir($fullpath) && !@chmod($fullpath, $filemode))
return false; return false; elseif (!self::chmodr($fullpath, $filemode))
return false;
}
} }
closedir($dh);
} }
closedir($dh);
if (@chmod($path, $filemode)) if (@chmod($path, $filemode))
return true; return true;
else else
@ -657,9 +659,11 @@ class OC_Helper {
// if oc-noclean is empty delete it // if oc-noclean is empty delete it
$isTmpDirNoCleanEmpty = true; $isTmpDirNoCleanEmpty = true;
$tmpDirNoClean = opendir($tmpDirNoCleanName); $tmpDirNoClean = opendir($tmpDirNoCleanName);
while (false !== ($file = readdir($tmpDirNoClean))) { if(is_resource($tmpDirNoClean)) {
if (!\OC\Files\Filesystem::isIgnoredDir($file)) { while (false !== ($file = readdir($tmpDirNoClean))) {
$isTmpDirNoCleanEmpty = false; if (!\OC\Files\Filesystem::isIgnoredDir($file)) {
$isTmpDirNoCleanEmpty = false;
}
} }
} }
if ($isTmpDirNoCleanEmpty) { if ($isTmpDirNoCleanEmpty) {

10
lib/installer.php
View File

@ -107,10 +107,12 @@ class OC_Installer{
if(!is_file($extractDir.'/appinfo/info.xml')) { if(!is_file($extractDir.'/appinfo/info.xml')) {
//try to find it in a subdir //try to find it in a subdir
$dh=opendir($extractDir); $dh=opendir($extractDir);
while (($folder = readdir($dh)) !== false) { if(is_resource($dh)) {
if($folder[0]!='.' and is_dir($extractDir.'/'.$folder)) { while (($folder = readdir($dh)) !== false) {
if(is_file($extractDir.'/'.$folder.'/appinfo/info.xml')) { if($folder[0]!='.' and is_dir($extractDir.'/'.$folder)) {
$extractDir.='/'.$folder; if(is_file($extractDir.'/'.$folder.'/appinfo/info.xml')) {
$extractDir.='/'.$folder;
}
} }
} }
} }

3
lib/migration/content.php
View File

@ -191,7 +191,8 @@ class OC_Migration_Content{
if( !file_exists( $dir ) ) { if( !file_exists( $dir ) ) {
return false; return false;
} }
if ($dirhandle = opendir($dir)) { $dirhandle = opendir($dir);
if(is_resource($dirhandle)) {
while (false !== ( $file = readdir($dirhandle))) { while (false !== ( $file = readdir($dirhandle))) {
if (( $file != '.' ) && ( $file != '..' )) { if (( $file != '.' ) && ( $file != '..' )) {