summaryrefslogtreecommitdiffstats
path: root/lib/private/files/storage/common.php
diff options
context:
space:
mode:
Diffstat (limited to 'lib/private/files/storage/common.php')
-rw-r--r--lib/private/files/storage/common.php71
1 files changed, 66 insertions, 5 deletions
diff --git a/lib/private/files/storage/common.php b/lib/private/files/storage/common.php
index edd756cbf1e..8549d5a1fad 100644
--- a/lib/private/files/storage/common.php
+++ b/lib/private/files/storage/common.php
@@ -8,8 +8,14 @@
namespace OC\Files\Storage;
+use OC\Files\Cache\Cache;
+use OC\Files\Cache\Scanner;
+use OC\Files\Cache\Storage;
use OC\Files\Filesystem;
use OC\Files\Cache\Watcher;
+use OCP\Files\InvalidCharacterInPathException;
+use OCP\Files\InvalidPathException;
+use OCP\Files\ReservedWordException;
/**
* Storage backend class for providing common filesystem operation methods
@@ -25,7 +31,6 @@ use OC\Files\Cache\Watcher;
abstract class Common implements \OC\Files\Storage\Storage {
protected $cache;
protected $scanner;
- protected $permissioncache;
protected $watcher;
protected $storageCache;
@@ -303,7 +308,7 @@ abstract class Common implements \OC\Files\Storage\Storage {
$storage = $this;
}
if (!isset($this->cache)) {
- $this->cache = new \OC\Files\Cache\Cache($storage);
+ $this->cache = new Cache($storage);
}
return $this->cache;
}
@@ -313,7 +318,7 @@ abstract class Common implements \OC\Files\Storage\Storage {
$storage = $this;
}
if (!isset($this->scanner)) {
- $this->scanner = new \OC\Files\Cache\Scanner($storage);
+ $this->scanner = new Scanner($storage);
}
return $this->scanner;
}
@@ -323,7 +328,7 @@ abstract class Common implements \OC\Files\Storage\Storage {
$storage = $this;
}
if (!isset($this->watcher)) {
- $this->watcher = new \OC\Files\Cache\Watcher($storage);
+ $this->watcher = new Watcher($storage);
$this->watcher->setPolicy(\OC::$server->getConfig()->getSystemValue('filesystem_check_changes', Watcher::CHECK_ONCE));
}
return $this->watcher;
@@ -334,7 +339,7 @@ abstract class Common implements \OC\Files\Storage\Storage {
$storage = $this;
}
if (!isset($this->storageCache)) {
- $this->storageCache = new \OC\Files\Cache\Storage($storage);
+ $this->storageCache = new Storage($storage);
}
return $this->storageCache;
}
@@ -451,4 +456,60 @@ abstract class Common implements \OC\Files\Storage\Storage {
return [];
}
+ /**
+ * @inheritdoc
+ */
+ public function verifyPath($path, $fileName) {
+ // NOTE: $path will remain unverified for now
+ if (\OC_Util::runningOnWindows()) {
+ $this->verifyWindowsPath($fileName);
+ } else {
+ $this->verifyPosixPath($fileName);
+ }
+ }
+
+ /**
+ * https://msdn.microsoft.com/en-us/library/windows/desktop/aa365247%28v=vs.85%29.aspx
+ * @param string $fileName
+ * @throws InvalidPathException
+ */
+ protected function verifyWindowsPath($fileName) {
+ $fileName = trim($fileName);
+ $this->scanForInvalidCharacters($fileName, "\\/<>:\"|?*");
+ $reservedNames = ['CON', 'PRN', 'AUX', 'NUL', 'COM1', 'COM2', 'COM3', 'COM4', 'COM5', 'COM6', 'COM7', 'COM8', 'COM9', 'LPT1', 'LPT2', 'LPT3', 'LPT4', 'LPT5', 'LPT6', 'LPT7', 'LPT8', 'LPT9'];
+ if (in_array(strtoupper($fileName), $reservedNames)) {
+ throw new ReservedWordException();
+ }
+ }
+
+ /**
+ * @param string $fileName
+ * @throws InvalidPathException
+ */
+ protected function verifyPosixPath($fileName) {
+ $fileName = trim($fileName);
+ $this->scanForInvalidCharacters($fileName, "\\/");
+ $reservedNames = ['*'];
+ if (in_array($fileName, $reservedNames)) {
+ throw new ReservedWordException();
+ }
+ }
+
+ /**
+ * @param string $fileName
+ * @param string $invalidChars
+ * @throws InvalidPathException
+ */
+ private function scanForInvalidCharacters($fileName, $invalidChars) {
+ foreach(str_split($invalidChars) as $char) {
+ if (strpos($fileName, $char) !== false) {
+ throw new InvalidCharacterInPathException();
+ }
+ }
+
+ $sanitizedFileName = filter_var($fileName, FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW);
+ if($sanitizedFileName !== $fileName) {
+ throw new InvalidCharacterInPathException();
+ }
+ }
}