Make sure we don't scan files that can not be accessed

Signed-off-by: Joas Schilling <coding@schilljs.com>

diff --git a/lib/private/Files/Cache/Scanner.php b/lib/private/Files/Cache/Scanner.php
index 28f7be0b65acee37df2a55be6f43d68bf24d7c3b..237934db7a56ff3afef215ae4fcccb200f991afc 100644 (file)
--- a/lib/private/Files/Cache/Scanner.php
+++ b/lib/private/Files/Cache/Scanner.php
@@ -132,6 +132,24 @@ class Scanner extends BasicEmitter implements IScanner {
         */
        public function scanFile($file, $reuseExisting = 0, $parentId = -1, $cacheData = null, $lock = true) {
 
+               if (!\OC::$server->getDatabaseConnection()->supports4ByteText()) {
+                       // verify database - e.g. mysql only 3-byte chars
+                       if (preg_match('%(?:
+      \xF0[\x90-\xBF][\x80-\xBF]{2}      # planes 1-3
+    | [\xF1-\xF3][\x80-\xBF]{3}          # planes 4-15
+    | \xF4[\x80-\x8F][\x80-\xBF]{2}      # plane 16
+)%xs', $file)) {
+                               // 4-byte characters are not supported in file names
+                               return null;
+                       }
+               }
+
+               try {
+                       $this->storage->verifyPath(dirname($file), basename($file));
+               } catch (\Exception $e) {
+                       return null;
+               }
+
                // only proceed if $file is not a partial file nor a blacklisted file
                if (!self::isPartialFile($file) and !Filesystem::isFileBlacklisted($file)) {
 
@@ -167,6 +185,9 @@ class Scanner extends BasicEmitter implements IScanner {
                                // scan the parent if it's not in the cache (id -1) and the current file is not the root folder
                                if ($file and $parentId === -1) {
                                        $parentData = $this->scanFile($parent);
+                                       if (!$parentData) {
+                                               return null;
+                                       }
                                        $parentId = $parentData['fileid'];
                                }
                                if ($parent) {

diff --git a/tests/lib/Files/Cache/ScannerTest.php b/tests/lib/Files/Cache/ScannerTest.php
index b44b6f5d0f5465cd4efaa9d72f0933fb6479fc4c..075716f8033fc3950fe6a246b1632ecff2d7427e 100644 (file)
--- a/tests/lib/Files/Cache/ScannerTest.php
+++ b/tests/lib/Files/Cache/ScannerTest.php
@@ -70,6 +70,32 @@ class ScannerTest extends \Test\TestCase {
                $this->assertEquals($cachedData['mimetype'], 'image/png');
        }
 
+       function testFile4Byte() {
+               $data = "dummy file data\n";
+               $this->storage->file_put_contents('foo🙈.txt', $data);
+
+               if (\OC::$server->getDatabaseConnection()->supports4ByteText()) {
+                       $this->assertNotNull($this->scanner->scanFile('foo🙈.txt'));
+                       $this->assertTrue($this->cache->inCache('foo🙈.txt'), true);
+
+                       $cachedData = $this->cache->get('foo🙈.txt');
+                       $this->assertEquals(strlen($data), $cachedData['size']);
+                       $this->assertEquals('text/plain', $cachedData['mimetype']);
+                       $this->assertNotEquals(-1, $cachedData['parent']); //parent folders should be scanned automatically
+               } else {
+                       $this->assertNull($this->scanner->scanFile('foo🙈.txt'));
+                       $this->assertFalse($this->cache->inCache('foo🙈.txt'), true);
+               }
+       }
+
+       function testFileInvalidChars() {
+               $data = "dummy file data\n";
+               $this->storage->file_put_contents("foo\nbar.txt", $data);
+
+               $this->assertNull($this->scanner->scanFile("foo\nbar.txt"));
+               $this->assertFalse($this->cache->inCache("foo\nbar.txt"), true);
+       }
+
        private function fillTestFolders() {
                $textData = "dummy file data\n";
                $imgData = file_get_contents(\OC::$SERVERROOT . '/core/img/logo.png');