Merge pull request #21360 from nextcloud/root-storage-prevent-scanning

prevent the root storage from accidentally scanning user folders

5 files changed, 91 insertions, 1 deletions

diff --git a/lib/composer/composer/autoload_classmap.php b/lib/composer/composer/autoload_classmap.php
index b51c9876e5d..9d1ebf2815b 100644
--- a/lib/composer/composer/autoload_classmap.php
+++ b/lib/composer/composer/autoload_classmap.php
@@ -985,6 +985,7 @@ return array(
     'OC\\Files\\Cache\\FailedCache' => $baseDir . '/lib/private/Files/Cache/FailedCache.php',
     'OC\\Files\\Cache\\HomeCache' => $baseDir . '/lib/private/Files/Cache/HomeCache.php',
     'OC\\Files\\Cache\\HomePropagator' => $baseDir . '/lib/private/Files/Cache/HomePropagator.php',
+    'OC\\Files\\Cache\\LocalRootScanner' => $baseDir . '/lib/private/Files/Cache/LocalRootScanner.php',
     'OC\\Files\\Cache\\MoveFromCacheTrait' => $baseDir . '/lib/private/Files/Cache/MoveFromCacheTrait.php',
     'OC\\Files\\Cache\\Propagator' => $baseDir . '/lib/private/Files/Cache/Propagator.php',
     'OC\\Files\\Cache\\QuerySearchHelper' => $baseDir . '/lib/private/Files/Cache/QuerySearchHelper.php',
@@ -1049,6 +1050,7 @@ return array(
     'OC\\Files\\Storage\\Flysystem' => $baseDir . '/lib/private/Files/Storage/Flysystem.php',
     'OC\\Files\\Storage\\Home' => $baseDir . '/lib/private/Files/Storage/Home.php',
     'OC\\Files\\Storage\\Local' => $baseDir . '/lib/private/Files/Storage/Local.php',
+    'OC\\Files\\Storage\\LocalRootStorage' => $baseDir . '/lib/private/Files/Storage/LocalRootStorage.php',
     'OC\\Files\\Storage\\LocalTempFileTrait' => $baseDir . '/lib/private/Files/Storage/LocalTempFileTrait.php',
     'OC\\Files\\Storage\\PolyFill\\CopyDirectory' => $baseDir . '/lib/private/Files/Storage/PolyFill/CopyDirectory.php',
     'OC\\Files\\Storage\\Storage' => $baseDir . '/lib/private/Files/Storage/Storage.php',
diff --git a/lib/composer/composer/autoload_static.php b/lib/composer/composer/autoload_static.php
index 2f640e014f3..1b7cf1fa13a 100644
--- a/lib/composer/composer/autoload_static.php
+++ b/lib/composer/composer/autoload_static.php
@@ -1014,6 +1014,7 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c
         'OC\\Files\\Cache\\FailedCache' => __DIR__ . '/../../..' . '/lib/private/Files/Cache/FailedCache.php',
         'OC\\Files\\Cache\\HomeCache' => __DIR__ . '/../../..' . '/lib/private/Files/Cache/HomeCache.php',
         'OC\\Files\\Cache\\HomePropagator' => __DIR__ . '/../../..' . '/lib/private/Files/Cache/HomePropagator.php',
+        'OC\\Files\\Cache\\LocalRootScanner' => __DIR__ . '/../../..' . '/lib/private/Files/Cache/LocalRootScanner.php',
         'OC\\Files\\Cache\\MoveFromCacheTrait' => __DIR__ . '/../../..' . '/lib/private/Files/Cache/MoveFromCacheTrait.php',
         'OC\\Files\\Cache\\Propagator' => __DIR__ . '/../../..' . '/lib/private/Files/Cache/Propagator.php',
         'OC\\Files\\Cache\\QuerySearchHelper' => __DIR__ . '/../../..' . '/lib/private/Files/Cache/QuerySearchHelper.php',
@@ -1078,6 +1079,7 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c
         'OC\\Files\\Storage\\Flysystem' => __DIR__ . '/../../..' . '/lib/private/Files/Storage/Flysystem.php',
         'OC\\Files\\Storage\\Home' => __DIR__ . '/../../..' . '/lib/private/Files/Storage/Home.php',
         'OC\\Files\\Storage\\Local' => __DIR__ . '/../../..' . '/lib/private/Files/Storage/Local.php',
+        'OC\\Files\\Storage\\LocalRootStorage' => __DIR__ . '/../../..' . '/lib/private/Files/Storage/LocalRootStorage.php',
         'OC\\Files\\Storage\\LocalTempFileTrait' => __DIR__ . '/../../..' . '/lib/private/Files/Storage/LocalTempFileTrait.php',
         'OC\\Files\\Storage\\PolyFill\\CopyDirectory' => __DIR__ . '/../../..' . '/lib/private/Files/Storage/PolyFill/CopyDirectory.php',
         'OC\\Files\\Storage\\Storage' => __DIR__ . '/../../..' . '/lib/private/Files/Storage/Storage.php',
diff --git a/lib/private/Files/Cache/LocalRootScanner.php b/lib/private/Files/Cache/LocalRootScanner.php
new file mode 100644
index 00000000000..9ecc8c6611d
--- /dev/null
+++ b/lib/private/Files/Cache/LocalRootScanner.php
@@ -0,0 +1,47 @@
+<?php
+
+declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2020 Robin Appelman <robin@icewind.nl>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OC\Files\Cache;
+
+class LocalRootScanner extends Scanner {
+	public function scanFile($file, $reuseExisting = 0, $parentId = -1, $cacheData = null, $lock = true, $data = null) {
+		if ($this->shouldScanPath($file)) {
+			return parent::scanFile($file, $reuseExisting, $parentId, $cacheData, $lock, $data);
+		} else {
+			return null;
+		}
+	}
+
+	public function scan($path, $recursive = self::SCAN_RECURSIVE, $reuse = -1, $lock = true) {
+		if ($this->shouldScanPath($path)) {
+			return parent::scan($path, $recursive, $reuse, $lock);
+		} else {
+			return null;
+		}
+	}
+
+	private function shouldScanPath(string $path): bool {
+		$path = trim($path, '/');
+		return $path === '' || strpos($path, 'appdata_') === 0 || strpos($path, '__groupfolders') === 0;
+	}
+}
diff --git a/lib/private/Files/Storage/LocalRootStorage.php b/lib/private/Files/Storage/LocalRootStorage.php
new file mode 100644
index 00000000000..0ad9c18b640
--- /dev/null
+++ b/lib/private/Files/Storage/LocalRootStorage.php
@@ -0,0 +1,38 @@
+<?php
+
+declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2020 Robin Appelman <robin@icewind.nl>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OC\Files\Storage;
+
+use OC\Files\Cache\LocalRootScanner;
+
+class LocalRootStorage extends Local {
+	public function getScanner($path = '', $storage = null) {
+		if (!$storage) {
+			$storage = $this;
+		}
+		if (!isset($storage->scanner)) {
+			$storage->scanner = new LocalRootScanner($storage);
+		}
+		return $storage->scanner;
+	}
+}
diff --git a/lib/private/legacy/OC_Util.php b/lib/private/legacy/OC_Util.php
index 71f6edba0bf..dde47041c2b 100644
--- a/lib/private/legacy/OC_Util.php
+++ b/lib/private/legacy/OC_Util.php
@@ -63,6 +63,7 @@
  */
 
 use OC\AppFramework\Http\Request;
+use OC\Files\Storage\LocalRootStorage;
 use OCP\IConfig;
 use OCP\IGroupManager;
 use OCP\ILogger;
@@ -88,7 +89,7 @@ class OC_Util {
 		//first set up the local "root" storage
 		\OC\Files\Filesystem::initMountManager();
 		if (!self::$rootMounted) {
-			\OC\Files\Filesystem::mount('\OC\Files\Storage\Local', ['datadir' => $configDataDirectory], '/');
+			\OC\Files\Filesystem::mount(LocalRootStorage::class, ['datadir' => $configDataDirectory], '/');
 			self::$rootMounted = true;
 		}
 	}