Merge pull request #14346 from owncloud/storage-based-path-validation

adding storage specific filename verification

13 files changed, 361 insertions, 70 deletions

diff --git a/lib/private/connector/sabre/exception/invalidpath.php b/lib/private/connector/sabre/exception/invalidpath.php
new file mode 100644
index 00000000000..ecf28f377b0
--- /dev/null
+++ b/lib/private/connector/sabre/exception/invalidpath.php
@@ -0,0 +1,63 @@
+<?php
+/**
+ * Copyright (c) 2015 Thomas Müller <deepdiver@owncloud.com>
+ * This file is licensed under the Affero General Public License version 3 or
+ * later.
+ * See the COPYING-README file. */
+
+namespace OC\Connector\Sabre\Exception;
+
+use Sabre\DAV\Exception;
+
+class InvalidPath extends Exception {
+
+	const NS_OWNCLOUD = 'http://owncloud.org/ns';
+
+	/**
+	 * @var bool
+	 */
+	private $retry;
+
+	/**
+	 * @param string $message
+	 * @param bool $retry
+	 */
+	public function __construct($message, $retry = false) {
+		parent::__construct($message);
+		$this->retry = $retry;
+	}
+
+	/**
+	 * Returns the HTTP status code for this exception
+	 *
+	 * @return int
+	 */
+	public function getHTTPCode() {
+
+		return 400;
+
+	}
+
+	/**
+	 * This method allows the exception to include additional information
+	 * into the WebDAV error response
+	 *
+	 * @param \Sabre\DAV\Server $server
+	 * @param \DOMElement $errorNode
+	 * @return void
+	 */
+	public function serialize(\Sabre\DAV\Server $server,\DOMElement $errorNode) {
+
+		// set ownCloud namespace
+		$errorNode->setAttribute('xmlns:o', self::NS_OWNCLOUD);
+
+		// adding the retry node
+		$error = $errorNode->ownerDocument->createElementNS('o:','o:retry', var_export($this->retry, true));
+		$errorNode->appendChild($error);
+
+		// adding the message node
+		$error = $errorNode->ownerDocument->createElementNS('o:','o:reason', $this->getMessage());
+		$errorNode->appendChild($error);
+	}
+
+}
diff --git a/lib/private/connector/sabre/file.php b/lib/private/connector/sabre/file.php
index 7ef6eea768e..8f0642d794a 100644
--- a/lib/private/connector/sabre/file.php
+++ b/lib/private/connector/sabre/file.php
@@ -66,17 +66,15 @@ class File extends \OC\Connector\Sabre\Node implements \Sabre\DAV\IFile {
 			throw new \Sabre\DAV\Exception\ServiceUnavailable("Encryption is disabled");
 		}
 
-		$fileName = basename($this->info->getPath());
-		if (!\OCP\Util::isValidFileName($fileName)) {
-			throw new \Sabre\DAV\Exception\BadRequest();
-		}
+		// verify path of the target
+		$this->verifyPath();
 
 		// chunked handling
 		if (isset($_SERVER['HTTP_OC_CHUNKED'])) {
 			return $this->createFileChunked($data);
 		}
 
-		list($storage,) = $this->fileView->resolvePath($this->path);
+		list($storage) = $this->fileView->resolvePath($this->path);
 		$needsPartFile = $this->needsPartFile($storage) && (strlen($this->path) > 1);
 
 		if ($needsPartFile) {
@@ -329,5 +327,5 @@ class File extends \OC\Connector\Sabre\Node implements \Sabre\DAV\IFile {
 		// and/or add method on Storage called "needsPartFile()"
 		return !$storage->instanceOfStorage('OCA\Files_Sharing\External\Storage') &&
 			!$storage->instanceOfStorage('OC\Files\Storage\OwnCloud');
-	}	
+	}
 }
diff --git a/lib/private/connector/sabre/node.php b/lib/private/connector/sabre/node.php
index 8fee6a4eb4e..cdabf26a3fb 100644
--- a/lib/private/connector/sabre/node.php
+++ b/lib/private/connector/sabre/node.php
@@ -1,28 +1,40 @@
 <?php
-
 /**
- * ownCloud
+ * @author Arthur Schiwon <blizzz@owncloud.com>
+ * @author Bart Visscher <bartv@thisnet.nl>
+ * @author Björn Schießle <schiessle@owncloud.com>
+ * @author Jakob Sack <mail@jakobsack.de>
+ * @author Jörn Friedrich Dreyer <jfd@butonic.de>
+ * @author Klaas Freitag <freitag@owncloud.com>
+ * @author Markus Goetz <markus@woboq.com>
+ * @author Morris Jobke <hey@morrisjobke.de>
+ * @author Robin Appelman <icewind@owncloud.com>
+ * @author Sam Tuke <mail@samtuke.com>
+ * @author Thomas Müller <thomas.mueller@tmit.eu>
+ * @author Vincent Petry <pvince81@owncloud.com>
  *
- * @author Jakob Sack
- * @copyright 2011 Jakob Sack kde@jakobsack.de
+ * @copyright Copyright (c) 2015, ownCloud, Inc.
+ * @license AGPL-3.0
  *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or any later version.
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
  *
- * This library is distributed in the hope that it will be useful,
+ * This program is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
  *
- * You should have received a copy of the GNU Affero General Public
- * License along with this library.  If not, see <http://www.gnu.org/licenses/>.
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
  *
  */
 
 namespace OC\Connector\Sabre;
 
+use OC\Connector\Sabre\Exception\InvalidPath;
+
+
 abstract class Node implements \Sabre\DAV\INode {
 	/**
 	 * Allow configuring the method used to generate Etags
@@ -103,9 +115,8 @@ abstract class Node implements \Sabre\DAV\INode {
 		list($parentPath,) = \Sabre\HTTP\URLUtil::splitPath($this->path);
 		list(, $newName) = \Sabre\HTTP\URLUtil::splitPath($name);
 
-		if (!\OCP\Util::isValidFileName($newName)) {
-			throw new \Sabre\DAV\Exception\BadRequest();
-		}
+		// verify path of the target
+		$this->verifyPath();
 
 		$newPath = $parentPath . '/' . $newName;
 
@@ -230,4 +241,13 @@ abstract class Node implements \Sabre\DAV\INode {
 		}
 		return $p;
 	}
+
+	protected function verifyPath() {
+		try {
+			$fileName = basename($this->info->getPath());
+			$this->fileView->verifyPath($this->path, $fileName);
+		} catch (\OCP\Files\InvalidPathException $ex) {
+			throw new InvalidPath($ex->getMessage());
+		}
+	}
 }
diff --git a/lib/private/connector/sabre/objecttree.php b/lib/private/connector/sabre/objecttree.php
index 5edd949eeaf..3705aa80586 100644
--- a/lib/private/connector/sabre/objecttree.php
+++ b/lib/private/connector/sabre/objecttree.php
@@ -8,9 +8,11 @@
 
 namespace OC\Connector\Sabre;
 
+use OC\Connector\Sabre\Exception\InvalidPath;
 use OC\Files\FileInfo;
 use OC\Files\Filesystem;
 use OC\Files\Mount\MoveableMount;
+use OC_Connector_Sabre_Exception_InvalidPath;
 use OCP\Files\StorageInvalidException;
 use OCP\Files\StorageNotAvailableException;
 
@@ -185,8 +187,10 @@ class ObjectTree extends \Sabre\DAV\Tree {
 			}
 
 			$fileName = basename($destinationPath);
-			if (!\OCP\Util::isValidFileName($fileName)) {
-				throw new \Sabre\DAV\Exception\BadRequest();
+			try {
+				$this->fileView->verifyPath($destinationDir, $fileName);
+			} catch (\OCP\Files\InvalidPathException $ex) {
+				throw new InvalidPath($ex->getMessage());
 			}
 
 			$renameOkay = $this->fileView->rename($sourcePath, $destinationPath);
diff --git a/lib/private/files/storage/common.php b/lib/private/files/storage/common.php
index edd756cbf1e..8549d5a1fad 100644
--- a/lib/private/files/storage/common.php
+++ b/lib/private/files/storage/common.php
@@ -8,8 +8,14 @@
 
 namespace OC\Files\Storage;
 
+use OC\Files\Cache\Cache;
+use OC\Files\Cache\Scanner;
+use OC\Files\Cache\Storage;
 use OC\Files\Filesystem;
 use OC\Files\Cache\Watcher;
+use OCP\Files\InvalidCharacterInPathException;
+use OCP\Files\InvalidPathException;
+use OCP\Files\ReservedWordException;
 
 /**
  * Storage backend class for providing common filesystem operation methods
@@ -25,7 +31,6 @@ use OC\Files\Cache\Watcher;
 abstract class Common implements \OC\Files\Storage\Storage {
 	protected $cache;
 	protected $scanner;
-	protected $permissioncache;
 	protected $watcher;
 	protected $storageCache;
 
@@ -303,7 +308,7 @@ abstract class Common implements \OC\Files\Storage\Storage {
 			$storage = $this;
 		}
 		if (!isset($this->cache)) {
-			$this->cache = new \OC\Files\Cache\Cache($storage);
+			$this->cache = new Cache($storage);
 		}
 		return $this->cache;
 	}
@@ -313,7 +318,7 @@ abstract class Common implements \OC\Files\Storage\Storage {
 			$storage = $this;
 		}
 		if (!isset($this->scanner)) {
-			$this->scanner = new \OC\Files\Cache\Scanner($storage);
+			$this->scanner = new Scanner($storage);
 		}
 		return $this->scanner;
 	}
@@ -323,7 +328,7 @@ abstract class Common implements \OC\Files\Storage\Storage {
 			$storage = $this;
 		}
 		if (!isset($this->watcher)) {
-			$this->watcher = new \OC\Files\Cache\Watcher($storage);
+			$this->watcher = new Watcher($storage);
 			$this->watcher->setPolicy(\OC::$server->getConfig()->getSystemValue('filesystem_check_changes', Watcher::CHECK_ONCE));
 		}
 		return $this->watcher;
@@ -334,7 +339,7 @@ abstract class Common implements \OC\Files\Storage\Storage {
 			$storage = $this;
 		}
 		if (!isset($this->storageCache)) {
-			$this->storageCache = new \OC\Files\Cache\Storage($storage);
+			$this->storageCache = new Storage($storage);
 		}
 		return $this->storageCache;
 	}
@@ -451,4 +456,60 @@ abstract class Common implements \OC\Files\Storage\Storage {
 		return [];
 	}
 
+	/**
+	 * @inheritdoc
+	 */
+	public function verifyPath($path, $fileName) {
+		// NOTE: $path will remain unverified for now
+		if (\OC_Util::runningOnWindows()) {
+			$this->verifyWindowsPath($fileName);
+		} else {
+			$this->verifyPosixPath($fileName);
+		}
+	}
+
+	/**
+	 * https://msdn.microsoft.com/en-us/library/windows/desktop/aa365247%28v=vs.85%29.aspx
+	 * @param string $fileName
+	 * @throws InvalidPathException
+	 */
+	protected function verifyWindowsPath($fileName) {
+		$fileName = trim($fileName);
+		$this->scanForInvalidCharacters($fileName, "\\/<>:\"|?*");
+		$reservedNames = ['CON', 'PRN', 'AUX', 'NUL', 'COM1', 'COM2', 'COM3', 'COM4', 'COM5', 'COM6', 'COM7', 'COM8', 'COM9', 'LPT1', 'LPT2', 'LPT3', 'LPT4', 'LPT5', 'LPT6', 'LPT7', 'LPT8', 'LPT9'];
+		if (in_array(strtoupper($fileName), $reservedNames)) {
+			throw new ReservedWordException();
+		}
+	}
+
+	/**
+	 * @param string $fileName
+	 * @throws InvalidPathException
+	 */
+	protected function verifyPosixPath($fileName) {
+		$fileName = trim($fileName);
+		$this->scanForInvalidCharacters($fileName, "\\/");
+		$reservedNames = ['*'];
+		if (in_array($fileName, $reservedNames)) {
+			throw new ReservedWordException();
+		}
+	}
+
+	/**
+	 * @param string $fileName
+	 * @param string $invalidChars
+	 * @throws InvalidPathException
+	 */
+	private function scanForInvalidCharacters($fileName, $invalidChars) {
+		foreach(str_split($invalidChars) as $char) {
+			if (strpos($fileName, $char) !== false) {
+				throw new InvalidCharacterInPathException();
+			}
+		}
+
+		$sanitizedFileName = filter_var($fileName, FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW);
+		if($sanitizedFileName !== $fileName) {
+			throw new InvalidCharacterInPathException();
+		}
+	}
 }
diff --git a/lib/private/files/storage/wrapper/wrapper.php b/lib/private/files/storage/wrapper/wrapper.php
index ea9de287361..9208a7f7774 100644
--- a/lib/private/files/storage/wrapper/wrapper.php
+++ b/lib/private/files/storage/wrapper/wrapper.php
@@ -8,6 +8,8 @@
 
 namespace OC\Files\Storage\Wrapper;
 
+use OCP\Files\InvalidPathException;
+
 class Wrapper implements \OC\Files\Storage\Storage {
 	/**
 	 * @var \OC\Files\Storage\Storage $storage
@@ -477,4 +479,14 @@ class Wrapper implements \OC\Files\Storage\Storage {
 	public function getDirectDownload($path) {
 		return $this->storage->getDirectDownload($path);
 	}
+
+	/**
+	 * @param string $path the path of the target folder
+	 * @param string $fileName the name of the file itself
+	 * @return void
+	 * @throws InvalidPathException
+	 */
+	public function verifyPath($path, $fileName) {
+		$this->storage->verifyPath($path, $fileName);
+	}
 }
diff --git a/lib/private/files/view.php b/lib/private/files/view.php
index 4f9a4001d69..f14209fd925 100644
--- a/lib/private/files/view.php
+++ b/lib/private/files/view.php
@@ -11,6 +11,9 @@ namespace OC\Files;
 
 use OC\Files\Cache\Updater;
 use OC\Files\Mount\MoveableMount;
+use OCP\Files\InvalidCharacterInPathException;
+use OCP\Files\InvalidPathException;
+use OCP\Files\ReservedWordException;
 
 /**
  * Class to provide access to ownCloud filesystem via a "view", and methods for
@@ -29,11 +32,10 @@ use OC\Files\Mount\MoveableMount;
  * \OC\Files\Storage\Storage object
  */
 class View {
+	/** @var string */
 	private $fakeRoot = '';
 
-	/**
-	 * @var \OC\Files\Cache\Updater
-	 */
+	/** @var \OC\Files\Cache\Updater */
 	protected $updater;
 
 	/**
@@ -116,7 +118,7 @@ class View {
 	 * get the mountpoint of the storage object for a path
 	 * ( note: because a storage is not always mounted inside the fakeroot, the
 	 * returned mountpoint is relative to the absolute root of the filesystem
-	 * and doesn't take the chroot into account )
+	 * and does not take the chroot into account )
 	 *
 	 * @param string $path
 	 * @return string
@@ -129,7 +131,7 @@ class View {
 	 * get the mountpoint of the storage object for a path
 	 * ( note: because a storage is not always mounted inside the fakeroot, the
 	 * returned mountpoint is relative to the absolute root of the filesystem
-	 * and doesn't take the chroot into account )
+	 * and does not take the chroot into account )
 	 *
 	 * @param string $path
 	 * @return \OCP\Files\Mount\IMountPoint
@@ -1532,7 +1534,45 @@ class View {
 	/**
 	 * @return Updater
 	 */
-	public function getUpdater(){
+	public function getUpdater() {
 		return $this->updater;
 	}
+
+	/**
+	 * @param string $path
+	 * @param string $fileName
+	 * @throws InvalidPathException
+	 */
+	public function verifyPath($path, $fileName) {
+
+		$l10n = \OC::$server->getL10N('lib');
+
+		// verify empty and dot files
+		$trimmed = trim($fileName);
+		if ($trimmed === '') {
+			throw new InvalidPathException($l10n->t('Empty filename is not allowed'));
+		}
+		if ($trimmed === '.' || $trimmed === '..') {
+			throw new InvalidPathException($l10n->t('Dot files are not allowed'));
+		}
+
+		// verify database - e.g. mysql only 3-byte chars
+		if (preg_match('%^(?:
+      \xF0[\x90-\xBF][\x80-\xBF]{2}      # planes 1-3
+    | [\xF1-\xF3][\x80-\xBF]{3}          # planes 4-15
+    | \xF4[\x80-\x8F][\x80-\xBF]{2}      # plane 16
+)*$%xs', $fileName)) {
+			throw new InvalidPathException($l10n->t('4-byte characters are not supported in file names'));
+		}
+
+		try {
+			/** @type \OCP\Files\Storage $storage */
+			list($storage, $internalPath) = $this->resolvePath($path);
+			$storage->verifyPath($internalPath, $fileName);
+		} catch (ReservedWordException $ex) {
+			throw new InvalidPathException($l10n->t('File name is a reserved word'));
+		} catch (InvalidCharacterInPathException $ex) {
+			throw new InvalidPathException($l10n->t('File name contains at least one invalid characters'));
+		}
+	}
 }
diff --git a/lib/private/l10n.php b/lib/private/l10n.php
index 4e9316c333e..4fd4a617be8 100644
--- a/lib/private/l10n.php
+++ b/lib/private/l10n.php
@@ -80,6 +80,48 @@ class OC_L10N implements \OCP\IL10N {
 	}
 
 	/**
+	 * @param $app
+	 * @return string
+	 */
+	public static function setLanguageFromRequest($app = null) {
+		if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
+			if (is_array($app)) {
+				$available = $app;
+			} else {
+				$available = self::findAvailableLanguages($app);
+			}
+
+			// E.g. make sure that 'de' is before 'de_DE'.
+			sort($available);
+
+			$preferences = preg_split('/,\s*/', strtolower($_SERVER['HTTP_ACCEPT_LANGUAGE']));
+			foreach ($preferences as $preference) {
+				list($preferred_language) = explode(';', $preference);
+				$preferred_language = str_replace('-', '_', $preferred_language);
+				foreach ($available as $available_language) {
+					if ($preferred_language === strtolower($available_language)) {
+						if (is_null($app)) {
+							self::$language = $available_language;
+						}
+						return $available_language;
+					}
+				}
+				foreach ($available as $available_language) {
+					if (substr($preferred_language, 0, 2) === $available_language) {
+						if (is_null($app)) {
+							self::$language = $available_language;
+						}
+						return $available_language;
+					}
+				}
+			}
+		}
+
+		// Last try: English
+		return 'en';
+	}
+
+	/**
 	 * @param $transFile
 	 * @param bool $mergeTranslations
 	 * @return bool
@@ -403,41 +445,7 @@ class OC_L10N implements \OCP\IL10N {
 			return $default_language;
 		}
 
-		if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
-			if(is_array($app)) {
-				$available = $app;
-			} else {
-				$available = self::findAvailableLanguages($app);
-			}
-
-			// E.g. make sure that 'de' is before 'de_DE'.
-			sort($available);
-
-			$preferences = preg_split('/,\s*/', strtolower($_SERVER['HTTP_ACCEPT_LANGUAGE']));
-			foreach($preferences as $preference) {
-				list($preferred_language) = explode(';', $preference);
-				$preferred_language = str_replace('-', '_', $preferred_language);
-				foreach($available as $available_language) {
-					if ($preferred_language === strtolower($available_language)) {
-						if (is_null($app)) {
-							self::$language = $available_language;
-						}
-						return $available_language;
-					}
-				}
-				foreach($available as $available_language) {
-					if (substr($preferred_language, 0, 2) === $available_language) {
-						if (is_null($app)) {
-							self::$language = $available_language;
-						}
-						return $available_language;
-					}
-				}
-			}
-		}
-
-		// Last try: English
-		return 'en';
+		return self::setLanguageFromRequest($app);
 	}
 
 	/**
diff --git a/lib/private/util.php b/lib/private/util.php
index c6ad7cb5768..62bbf5cf2aa 100644
--- a/lib/private/util.php
+++ b/lib/private/util.php
@@ -1416,6 +1416,7 @@ class OC_Util {
 	 *
 	 * @param string $file file name to check
 	 * @return bool true if the file name is valid, false otherwise
+	 * @deprecated use \OC\Files\View::verifyPath()
 	 */
 	public static function isValidFileName($file) {
 		$trimmed = trim($file);
diff --git a/lib/public/files/invalidcharacterinpathexception.php b/lib/public/files/invalidcharacterinpathexception.php
new file mode 100644
index 00000000000..4ae2eb01c19
--- /dev/null
+++ b/lib/public/files/invalidcharacterinpathexception.php
@@ -0,0 +1,37 @@
+<?php
+/**
+ * ownCloud
+ *
+ * @author Thomas Müller
+ * @copyright 2013 Thomas Müller deepdiver@owncloud.com
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public
+ * License along with this library.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+/**
+ * Public interface of ownCloud for apps to use.
+ * Files/InvalidCharacterInPathException class
+ */
+
+// use OCP namespace for all classes that are considered public.
+// This means that they should be used by apps instead of the internal ownCloud classes
+namespace OCP\Files;
+
+/**
+ * Exception for invalid path
+ */
+class InvalidCharacterInPathException extends InvalidPathException {
+
+}
diff --git a/lib/public/files/reservedwordexception.php b/lib/public/files/reservedwordexception.php
new file mode 100644
index 00000000000..25c618a8ded
--- /dev/null
+++ b/lib/public/files/reservedwordexception.php
@@ -0,0 +1,37 @@
+<?php
+/**
+ * ownCloud
+ *
+ * @author Thomas Müller
+ * @copyright 2013 Thomas Müller deepdiver@owncloud.com
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public
+ * License along with this library.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+/**
+ * Public interface of ownCloud for apps to use.
+ * Files/ReservedWordException class
+ */
+
+// use OCP namespace for all classes that are considered public.
+// This means that they should be used by apps instead of the internal ownCloud classes
+namespace OCP\Files;
+
+/**
+ * Exception for invalid path
+ */
+class ReservedWordException extends InvalidPathException {
+
+}
diff --git a/lib/public/files/storage.php b/lib/public/files/storage.php
index 3e6559c28f7..388ba5fa6ac 100644
--- a/lib/public/files/storage.php
+++ b/lib/public/files/storage.php
@@ -28,6 +28,7 @@
 // use OCP namespace for all classes that are considered public.
 // This means that they should be used by apps instead of the internal ownCloud classes
 namespace OCP\Files;
+use OCP\Files\InvalidPathException;
 
 /**
  * Provide a common interface to all different storage options
@@ -345,4 +346,12 @@ interface Storage {
 	 * @return array|false
 	 */
 	public function getDirectDownload($path);
+
+	/**
+	 * @param string $path the path of the target folder
+	 * @param string $fileName the name of the file itself
+	 * @return void
+	 * @throws InvalidPathException
+	 */
+	public function verifyPath($path, $fileName);
 }
diff --git a/lib/public/util.php b/lib/public/util.php
index e6e14a26e01..aa6cd5ba012 100644
--- a/lib/public/util.php
+++ b/lib/public/util.php
@@ -497,6 +497,7 @@ class Util {
 	 * Returns whether the given file name is valid
 	 * @param string $file file name to check
 	 * @return bool true if the file name is valid, false otherwise
+	 * @deprecated use \OC\Files\View::verifyPath()
 	 */
 	public static function isValidFileName($file) {
 		return \OC_Util::isValidFileName($file);