authorFerdinand Thiessen <opensource@fthiessen.de>2024-08-27 14:06:23 +0200
committerAndy Scherzinger <info@andy-scherzinger.de>2024-08-28 17:22:20 +0200
commit08836696e2234a47e21758fcd208dd42144a7f23 (patch)
tree906955db8ebbd64934d15fffdad6ac40708c4bfe
parent030c209d22ea93b2f168bd02521d83c525ea26ab (diff)
downloadnextcloud-server-08836696e2234a47e21758fcd208dd42144a7f23.tar.gz
nextcloud-server-08836696e2234a47e21758fcd208dd42144a7f23.zip
fix: Allow read-only filename validation to allow reading files
Needed to read files with the "Windows compatibility" feature. Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
-rw-r--r--apps/dav/lib/Connector/Sabre/Directory.php2
-rw-r--r--lib/private/Files/View.php13
2 files changed, 13 insertions, 2 deletions
diff --git a/apps/dav/lib/Connector/Sabre/Directory.php b/apps/dav/lib/Connector/Sabre/Directory.php
index 503acf8dae5..c1b69323a44 100644
--- a/apps/dav/lib/Connector/Sabre/Directory.php
+++ b/apps/dav/lib/Connector/Sabre/Directory.php
@@ -173,7 +173,7 @@ class Directory extends \OCA\DAV\Connector\Sabre\Node implements \Sabre\DAV\ICol
$path = $this->path . '/' . $name;
if (is_null($info)) {
try {
- $this->fileView->verifyPath($this->path, $name);
+ $this->fileView->verifyPath($this->path, $name, true);
$info = $this->fileView->getFileInfo($path);
} catch (\OCP\Files\StorageNotAvailableException $e) {
throw new \Sabre\DAV\Exception\ServiceUnavailable($e->getMessage(), 0, $e);
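Review bot: The bare `true` passed to `verifyPath()` does not show at the call site that validation is being relaxed, and nothing here records why that is acceptable. A short comment such as `// read-only validation: entries whose names are no longer valid for writing must remain readable` would help. If the project's minimum PHP version permits named arguments, `verifyPath($this->path, $name, readonly: true)` makes the intent explicit. The enclosing method starts and ends outside the hunk, so it is worth checking that no write path treats this lookup as proof that the name was fully validated.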
diff --git a/lib/private/Files/View.php b/lib/private/Files/View.php
index 494b4493d2c..e0416d9051d 100644
--- a/lib/private/Files/View.php
+++ b/lib/private/Files/View.php
@@ -1826,15 +1826,26 @@ class View {
/**
* @param string $path
* @param string $fileName
+ * @param bool $readonly Check only if the path is allowed for read-only access
* @throws InvalidPathException
*/
- public function verifyPath($path, $fileName): void {
+ public function verifyPath($path, $fileName, $readonly = false): void {
// All of the view's functions disallow '..' in the path so we can short cut if the path is invalid
if (!Filesystem::isValidPath($path ?: '/')) {
$l = \OCP\Util::getL10N('lib');
throw new InvalidPathException($l->t('Path contains invalid segments'));
}
+ // Short cut for read-only validation
+ if ($readonly) {
+ $validator = \OCP\Server::get(FilenameValidator::class);
+ if ($validator->isForbidden($fileName)) {
+ $l = \OCP\Util::getL10N('lib');
+ throw new InvalidPathException($l->t('Filename is a reserved word'));
+ }
+ return;
+ }
+
try {
/** @type \OCP\Files\Storage $storage */
[$storage, $internalPath] = $this->resolvePath($path);
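Review bot: The early `return` in the `$readonly` branch skips everything after it in `verifyPath`, so with `true` the only check applied to `$fileName` is `isForbidden()`; the `Filesystem::isValidPath()` call above covers `$path` only. The rest of the method lies outside the hunk, so exactly which checks are dropped is not visible here. The docblock should state the restriction, for example `@param bool $readonly Only run the forbidden-name check and skip all later validation; use for reads of existing entries, never before create, rename or move`. It is also worth confirming that a `$fileName` containing `/` or `..` is still rejected on the read path, presumably by the callee that receives the joined path.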