Merge pull request #4719 from owncloud/port_4701_master

Always check variable type before using readdir to avoid surprises
author: Thomas Müller <thomas.mueller@tmit.eu> 2013-09-12 15:44:20 -0700
committer: Thomas Müller <thomas.mueller@tmit.eu> 2013-09-12 15:44:20 -0700
commit: d5ddbfb04562ba69a94d05413b931a4b378f0220 (patch)
tree: 7c73eb0ce8e4f61be5a8361a0c93abb16fadea9c /apps
parent: c7ca86799b2608609ead7ecd2d84d0bbd47c6548 (diff)
parent: c01675de5d6650c7b1cd0571d8c313f21d13c33c (diff)
download: nextcloud-server-d5ddbfb04562ba69a94d05413b931a4b378f0220.tar.gz
nextcloud-server-d5ddbfb04562ba69a94d05413b931a4b378f0220.zip
8 files changed, 124 insertions, 110 deletions
diff --git a/apps/files_encryption/lib/util.php b/apps/files_encryption/lib/util.php
index cd4db05fb9b..d40c5d1a977 100644
--- a/apps/files_encryption/lib/util.php
+++ b/apps/files_encryption/lib/util.php
@@ -329,72 +329,73 @@ class Util {
 			$this->view->is_dir($directory)
 			&& $handle = $this->view->opendir($directory)
 		) {
-
-			while (false !== ($file = readdir($handle))) {
-
-				if (
-					$file !== "."
-					&& $file !== ".."
-				) {
-
-					$filePath = $directory . '/' . $this->view->getRelativePath('/' . $file);
-					$relPath = \OCA\Encryption\Helper::stripUserFilesPath($filePath);
-
-					// If the path is a directory, search
-					// its contents
-					if ($this->view->is_dir($filePath)) {
-
-						$this->findEncFiles($filePath, $found);
-
-						// If the path is a file, determine
-						// its encryption status
-					} elseif ($this->view->is_file($filePath)) {
-
-						// Disable proxies again, some-
-						// where they got re-enabled :/
-						\OC_FileProxy::$enabled = false;
-
-						$isEncryptedPath = $this->isEncryptedPath($filePath);
-						// If the file is encrypted
-						// NOTE: If the userId is
-						// empty or not set, file will
-						// detected as plain
-						// NOTE: This is inefficient;
-						// scanning every file like this
-						// will eat server resources :(
-						if (
-							Keymanager::getFileKey($this->view, $this->userId, $relPath)
-							&& $isEncryptedPath
-						) {
-
-							$found['encrypted'][] = array(
-								'name' => $file,
-								'path' => $filePath
-							);
-
-							// If the file uses old
-							// encryption system
-						} elseif (Crypt::isLegacyEncryptedContent($isEncryptedPath, $relPath)) {
-
-							$found['legacy'][] = array(
-								'name' => $file,
-								'path' => $filePath
-							);
-
-							// If the file is not encrypted
-						} else {
-
-							$found['plain'][] = array(
-								'name' => $file,
-								'path' => $relPath
-							);
+			if(is_resource($handle)) {
+				while (false !== ($file = readdir($handle))) {
+
+					if (
+						$file !== "."
+						&& $file !== ".."
+					) {
+
+						$filePath = $directory . '/' . $this->view->getRelativePath('/' . $file);
+						$relPath = \OCA\Encryption\Helper::stripUserFilesPath($filePath);
+
+						// If the path is a directory, search
+						// its contents
+						if ($this->view->is_dir($filePath)) {
+
+							$this->findEncFiles($filePath, $found);
+
+							// If the path is a file, determine
+							// its encryption status
+						} elseif ($this->view->is_file($filePath)) {
+
+							// Disable proxies again, some-
+							// where they got re-enabled :/
+							\OC_FileProxy::$enabled = false;
+
+							$isEncryptedPath = $this->isEncryptedPath($filePath);
+							// If the file is encrypted
+							// NOTE: If the userId is
+							// empty or not set, file will
+							// detected as plain
+							// NOTE: This is inefficient;
+							// scanning every file like this
+							// will eat server resources :(
+							if (
+								Keymanager::getFileKey($this->view, $this->userId, $relPath)
+								&& $isEncryptedPath
+							) {
+
+								$found['encrypted'][] = array(
+									'name' => $file,
+									'path' => $filePath
+								);
+
+								// If the file uses old
+								// encryption system
+							} elseif (Crypt::isLegacyEncryptedContent($isEncryptedPath, $relPath)) {
+
+								$found['legacy'][] = array(
+									'name' => $file,
+									'path' => $filePath
+								);
+
+								// If the file is not encrypted
+							} else {
+
+								$found['plain'][] = array(
+									'name' => $file,
+									'path' => $relPath
+								);
+
+							}
 
 						}
 
 					}
 
 				}
-
 			}
 
 			\OC_FileProxy::$enabled = true;
diff --git a/apps/files_external/lib/amazons3.php b/apps/files_external/lib/amazons3.php
index 2d7bcd4ac37..c08a266b48c 100644
--- a/apps/files_external/lib/amazons3.php
+++ b/apps/files_external/lib/amazons3.php
@@ -183,17 +183,20 @@ class AmazonS3 extends \OC\Files\Storage\Common {
 		}
 
 		$dh = $this->opendir($path);
-		while (($file = readdir($dh)) !== false) {
-			if ($file === '.' || $file === '..') {
-				continue;
-			}
 
-			if ($this->is_dir($path . '/' . $file)) {
-				$this->rmdir($path . '/' . $file);
-			} else {
-				$this->unlink($path . '/' . $file);
+		if(is_resource($dh)) {
+			while (($file = readdir($dh)) !== false) {
+				if ($file === '.' || $file === '..') {
+					continue;
+				}
+
+				if ($this->is_dir($path . '/' . $file)) {
+					$this->rmdir($path . '/' . $file);
+				} else {
+					$this->unlink($path . '/' . $file);
+				}
 			}
-               	}
+		}
 
 		try {
 			$result = $this->connection->deleteObject(array(
@@ -464,15 +467,17 @@ class AmazonS3 extends \OC\Files\Storage\Common {
 			}
 
 			$dh = $this->opendir($path1);
-			while (($file = readdir($dh)) !== false) {
-				if ($file === '.' || $file === '..') {
-					continue;
+			if(is_resource($dh)) {
+				while (($file = readdir($dh)) !== false) {
+					if ($file === '.' || $file === '..') {
+						continue;
+					}
+
+					$source = $path1 . '/' . $file;
+					$target = $path2 . '/' . $file;
+					$this->copy($source, $target);
 				}
-
-				$source = $path1 . '/' . $file;
-				$target = $path2 . '/' . $file;
-				$this->copy($source, $target);
-                	}
+			}
 		}
 
 		return true;
diff --git a/apps/files_external/lib/config.php b/apps/files_external/lib/config.php
index 1935740cd2e..659959e662e 100755
--- a/apps/files_external/lib/config.php
+++ b/apps/files_external/lib/config.php
@@ -378,7 +378,7 @@ class OC_Mount_Config {
 		}
 		$result = array();
 		$handle = opendir($path);
-		if ( ! $handle) {
+		if(!is_resource($handle)) {
 			return array();
 		}
 		while (false !== ($file = readdir($handle))) {
diff --git a/apps/files_external/lib/google.php b/apps/files_external/lib/google.php
index 215bdcda6c2..b63b5885de1 100644
--- a/apps/files_external/lib/google.php
+++ b/apps/files_external/lib/google.php
@@ -206,14 +206,16 @@ class Google extends \OC\Files\Storage\Common {
 	public function rmdir($path) {
 		if (trim($path, '/') === '') {
 			$dir = $this->opendir($path);
-			while (($file = readdir($dh)) !== false) {
-				if (!\OC\Files\Filesystem::isIgnoredDir($file)) {
-					if (!$this->unlink($path.'/'.$file)) {
-						return false;
+			if(is_resource($dir)) {
+				while (($file = readdir($dir)) !== false) {
+					if (!\OC\Files\Filesystem::isIgnoredDir($file)) {
+						if (!$this->unlink($path.'/'.$file)) {
+							return false;
+						}
 					}
 				}
+				closedir($dir);
 			}
-			closedir($dir);
 			$this->driveFiles = array();
 			return true;
 		} else {
diff --git a/apps/files_external/lib/irods.php b/apps/files_external/lib/irods.php
index b8191db2f2e..6d4f66e856e 100644
--- a/apps/files_external/lib/irods.php
+++ b/apps/files_external/lib/irods.php
@@ -56,7 +56,7 @@ class iRODS extends \OC\Files\Storage\StreamWrapper{
 		} else {
 			throw new \Exception();
 		}
-		
+
 	}
 
 	public static function login( $params ) {
@@ -138,11 +138,13 @@ class iRODS extends \OC\Files\Storage\StreamWrapper{
 	private function collectionMTime($path) {
 		$dh = $this->opendir($path);
 		$lastCTime = $this->filemtime($path);
-		while (($file = readdir($dh)) !== false) {
-			if ($file != '.' and $file != '..') {
-				$time = $this->filemtime($file);
-				if ($time > $lastCTime) {
-					$lastCTime = $time;
+		if(is_resource($dh)) {
+			while (($file = readdir($dh)) !== false) {
+				if ($file != '.' and $file != '..') {
+					$time = $this->filemtime($file);
+					if ($time > $lastCTime) {
+						$lastCTime = $time;
+					}
 				}
 			}
 		}
diff --git a/apps/files_external/lib/smb.php b/apps/files_external/lib/smb.php
index 8e7a28fba1a..ecd4dae0484 100644
--- a/apps/files_external/lib/smb.php
+++ b/apps/files_external/lib/smb.php
@@ -99,11 +99,13 @@ class SMB extends \OC\Files\Storage\StreamWrapper{
 	private function shareMTime() {
 		$dh=$this->opendir('');
 		$lastCtime=0;
-		while (($file = readdir($dh)) !== false) {
-			if ($file!='.' and $file!='..') {
-				$ctime=$this->filemtime($file);
-				if ($ctime>$lastCtime) {
-					$lastCtime=$ctime;
+		if(is_resource($dh)) {
+			while (($file = readdir($dh)) !== false) {
+				if ($file!='.' and $file!='..') {
+					$ctime=$this->filemtime($file);
+					if ($ctime>$lastCtime) {
+						$lastCtime=$ctime;
+					}
 				}
 			}
 		}
diff --git a/apps/files_sharing/lib/sharedstorage.php b/apps/files_sharing/lib/sharedstorage.php
index d91acbbb2bd..257da89c84e 100644
--- a/apps/files_sharing/lib/sharedstorage.php
+++ b/apps/files_sharing/lib/sharedstorage.php
@@ -221,7 +221,8 @@ class Shared extends \OC\Files\Storage\Common {
 	public function filemtime($path) {
 		if ($path == '' || $path == '/') {
 			$mtime = 0;
-			if ($dh = $this->opendir($path)) {
+			$dh = $this->opendir($path);
+			if(is_resource($dh)) {
 				while (($filename = readdir($dh)) !== false) {
 					$tempmtime = $this->filemtime($filename);
 					if ($tempmtime > $mtime) {
diff --git a/apps/files_trashbin/index.php b/apps/files_trashbin/index.php
index d7eb143f9af..b7d0ef012f4 100644
--- a/apps/files_trashbin/index.php
+++ b/apps/files_trashbin/index.php
@@ -23,23 +23,24 @@ if ($dir) {
 	$dirlisting = true;
 	$dirContent = $view->opendir($dir);
 	$i = 0;
-	while(($entryName = readdir($dirContent)) !== false) {
-		if (!\OC\Files\Filesystem::isIgnoredDir($entryName)) {
-			$pos = strpos($dir.'/', '/', 1);
-			$tmp = substr($dir, 0, $pos);
-			$pos = strrpos($tmp, '.d');
-			$timestamp = substr($tmp, $pos+2);
-			$result[] = array(
-					'id' => $entryName,
-					'timestamp' => $timestamp,
-					'mime' =>  $view->getMimeType($dir.'/'.$entryName),
-					'type' => $view->is_dir($dir.'/'.$entryName) ? 'dir' : 'file',
-					'location' => $dir,
-					);
+	if(is_resource($dirContent)) {
+		while(($entryName = readdir($dirContent)) !== false) {
+			if (!\OC\Files\Filesystem::isIgnoredDir($entryName)) {
+				$pos = strpos($dir.'/', '/', 1);
+				$tmp = substr($dir, 0, $pos);
+				$pos = strrpos($tmp, '.d');
+				$timestamp = substr($tmp, $pos+2);
+				$result[] = array(
+						'id' => $entryName,
+						'timestamp' => $timestamp,
+						'mime' =>  $view->getMimeType($dir.'/'.$entryName),
+						'type' => $view->is_dir($dir.'/'.$entryName) ? 'dir' : 'file',
+						'location' => $dir,
+						);
+			}
 		}
+		closedir($dirContent);
 	}
-	closedir($dirContent);
-
 } else {
 	$dirlisting = false;
 	$query = \OC_DB::prepare('SELECT `id`,`location`,`timestamp`,`type`,`mime` FROM `*PREFIX*files_trash` WHERE `user` = ?');
author	Thomas Müller <thomas.mueller@tmit.eu>	2013-09-12 15:44:20 -0700
committer	Thomas Müller <thomas.mueller@tmit.eu>	2013-09-12 15:44:20 -0700
commit	d5ddbfb04562ba69a94d05413b931a4b378f0220 (patch)
tree	7c73eb0ce8e4f61be5a8361a0c93abb16fadea9c /apps
parent	c7ca86799b2608609ead7ecd2d84d0bbd47c6548 (diff)
parent	c01675de5d6650c7b1cd0571d8c313f21d13c33c (diff)
download	nextcloud-server-d5ddbfb04562ba69a94d05413b931a4b378f0220.tar.gz nextcloud-server-d5ddbfb04562ba69a94d05413b931a4b378f0220.zip