Roxen.git/ server/ modules/ filesystems/ filesystem.pike

2018-04-10

2018-04-10 12:29:52 by Henrik Grubbström (Grubba) <grubba@grubba.org>

• 60f40f5dd2bd9257fec48082546417fb6813cd3e (72 lines) (+25/-47) ^{[ Show | Annotate ]}
  Branch: 980b1ef7c6ea13d5aa0040fe66460a760e79fd97

Filesystem: Cleaned up and fixed path filtering.

Dot-files are now filtered properly for all HTTP methods.

Also fixes some related issues with the internal file filter.

Fixes [WS-254].

939:       FILESYSTEM_WERR(sprintf("_file_size(%O, %O) ==> %d\n", f, id, size));    +  if(!id->misc->internal_get) { +  if (!dotfiles && sizeof(filter(f/"/", has_prefix, "."))) { +  TRACE_LEAVE("Path contains .-file or .-directory."); +  return 0; +  } +  if (FILTER_INTERNAL_FILE (f, id)) { +  id->misc->error_code = 405; +  TRACE_LEAVE ("Is internal file"); +  return 0; +  } +  } +     /*    * FIXME: Should probably move path-info extraction here.    * /grubba 1998-08-26
968:    return 0;    }    -  if(!id->misc->internal_get) -  { -  if (!dotfiles -  && sizeof (tmp = (id->not_query/"/")[-1]) -  && tmp[0] == '.') -  { -  TRACE_LEAVE("Is .-file"); -  return 0; -  } -  if (FILTER_INTERNAL_FILE (f, id)) -  { -  TRACE_LEAVE ("Is internal file"); -  return 0; -  } -  } -  +     TRACE_ENTER("Opening file \"" + f + "\"", 0);       SETUID_TRACE("Open file", 1);
1055:    return 0;    }    -  if (FILTER_INTERNAL_FILE (f, id)) { -  id->misc->error_code = 405; -  TRACE_LEAVE(sprintf("%s disallowed (since the dir name matches internal file glob)", -  id->method)); -  return 0; -  } -  +     if (size != -1) {    TRACE_LEAVE(sprintf("%s failed. Directory name already exists. ",    id->method));
1139:    return 0;    }    -  if (FILTER_INTERNAL_FILE (f, id)) { -  id->misc->error_code = 405; -  TRACE_LEAVE("PUT of internal file is disallowed"); -  return 0; -  } -  +     if (mapping(string:mixed) ret = write_access(f, 0, id)) {    TRACE_LEAVE("PUT: Locked");    return ret;
1263:    return 0;    }    -  if (FILTER_INTERNAL_FILE (f, id)) { -  id->misc->error_code = 405; -  TRACE_LEAVE("CHMOD of internal file is disallowed"); -  return 0; -  } -  +     if (mapping(string:mixed) ret = write_access(f, 0, id)) {    TRACE_LEAVE("CHMOD: Locked");    return ret;
1342:       string relative_from = id->misc->move_from[sizeof(mountpoint)..];    -  if (FILTER_INTERNAL_FILE (movefrom, id) || -  FILTER_INTERNAL_FILE (f, id)) { +  if (!dotfiles && sizeof(filter(relative_from/"/", has_prefix, "."))) { +  TRACE_LEAVE("From-path contains .-file or .-directory."); +  return 0; +  } +  if (FILTER_INTERNAL_FILE(relative_from, id)) {    id->misc->error_code = 405; -  TRACE_LEAVE("MV to or from internal file is disallowed"); +  TRACE_LEAVE("MV from internal file is disallowed.");    return 0;    }   
1430:    moveto = moveto[..sizeof(moveto)-2];    }    -  if (FILTER_INTERNAL_FILE (f, id) || -  FILTER_INTERNAL_FILE (new_uri, id)) { +  if (!dotfiles && sizeof(filter(new_uri/"/", has_prefix, "."))) { +  TRACE_LEAVE("Path contains .-file or .-directory."); +  return 0; +  } +  if (FILTER_INTERNAL_FILE (new_uri, id)) {    id->misc->error_code = 405; -  TRACE_LEAVE("MOVE to or from internal file is disallowed"); +  TRACE_LEAVE("MOVE to internal file is disallowed");    return 0;    }   
1562:    return 0;    }    -  if (FILTER_INTERNAL_FILE (f, id)) { -  id->misc->error_code = 405; -  TRACE_LEAVE("DELETE of internal file is disallowed"); -  return 0; -  } -  +     if (query("no_symlinks") && (contains_symlinks(path, f))) {    errors++;    report_error(LOCALE(48,"Deletion of %s failed. Permission denied.\n"),f);