diff options
| author | Vincent Petry <pvince81@owncloud.com> | 2017-03-24 11:28:54 +0100 |
|---|---|---|
| committer | Joas Schilling <coding@schilljs.com> | 2017-04-26 16:12:48 +0200 |
| commit | 1c771c097a478ee461bfbc3447c84a4abea22c8c (patch) | |
| tree | d3b4fe7cb413f7a32584a993ecb6bccc5fc4fcd0 | |
| parent | 327094d5574ed9cf330edcf33529ef7745b7b5f0 (diff) | |
| download | nextcloud-server-1c771c097a478ee461bfbc3447c84a4abea22c8c.tar.gz nextcloud-server-1c771c097a478ee461bfbc3447c84a4abea22c8c.zip | |
Use regex to detect part files
| -rw-r--r-- | lib/private/legacy/util.php | 4 | ||||
| -rw-r--r-- | tests/lib/UtilTest.php | 74 |
2 files changed, 44 insertions, 34 deletions
diff --git a/lib/private/legacy/util.php b/lib/private/legacy/util.php index d2012835980..d49599cb8a1 100644 --- a/lib/private/legacy/util.php +++ b/lib/private/legacy/util.php @@ -1389,8 +1389,8 @@ class OC_Util { return false; } - $path_parts = pathinfo($trimmed); - if ($path_parts['extension'] === 'part') { + // detect part files + if (preg_match('/' . \OCP\Files\FileInfo::BLACKLIST_FILES_REGEX . '/', $trimmed) !== 0) { return false; } diff --git a/tests/lib/UtilTest.php b/tests/lib/UtilTest.php index 278e6cfd4ce..39a29742e4f 100644 --- a/tests/lib/UtilTest.php +++ b/tests/lib/UtilTest.php @@ -204,41 +204,51 @@ class UtilTest extends \Test\TestCase { } public function filenameValidationProvider() { - return array( + return [ // valid names - array('boringname', true), - array('something.with.extension', true), - array('now with spaces', true), - array('.a', true), - array('..a', true), - array('.dotfile', true), - array('single\'quote', true), - array(' spaces before', true), - array('spaces after ', true), - array('allowed chars including the crazy ones $%&_-^@!,()[]{}=;#', true), - array('汉字也能用', true), - array('und Ümläüte sind auch willkommen', true), + ['boringname', true], + ['something.with.extension', true], + ['now with spaces', true], + ['.a', true], + ['..a', true], + ['.dotfile', true], + ['single\'quote', true], + [' spaces before', true], + ['spaces after ', true], + ['allowed chars including the crazy ones $%&_-^@!,()[]{}=;#', true], + ['汉字也能用', true], + ['und Ümläüte sind auch willkommen', true], // disallowed names - array('', false), - array(' ', false), - array('.', false), - array('..', false), - array('back\\slash', false), - array('sl/ash', false), - array('lt<lt', true), - array('gt>gt', true), - array('col:on', true), - array('double"quote', true), - array('pi|pe', true), - array('dont?ask?questions?', true), - array('super*star', true), - array('new\nline', false), + ['', false], + [' ', false], + ['.', false], + ['..', false], + ['back\\slash', false], + ['sl/ash', false], + ['lt<lt', true], + ['gt>gt', true], + ['col:on', true], + ['double"quote', true], + ['pi|pe', true], + ['dont?ask?questions?', true], + ['super*star', true], + ['new\nline', false], + // better disallow these to avoid unexpected trimming to have side effects - array(' ..', false), - array('.. ', false), - array('. ', false), - array(' .', false), - ); + [' ..', false], + ['.. ', false], + ['. ', false], + [' .', false], + + // part files not allowed + ['.part', false], + ['notallowed.part', false], + ['neither.filepart', false], + + // part in the middle is ok + ['super movie part one.mkv', true], + ['super.movie.part.mkv', true], + ]; } /** |