1 files changed, 31 insertions, 6 deletions

diff --git a/lib/private/files/view.php b/lib/private/files/view.php
index 4f9a4001d69..17fad72e5e7 100644
--- a/lib/private/files/view.php
+++ b/lib/private/files/view.php
@@ -11,6 +11,7 @@ namespace OC\Files;
 
 use OC\Files\Cache\Updater;
 use OC\Files\Mount\MoveableMount;
+use OCP\Files\InvalidPathException;
 
 /**
  * Class to provide access to ownCloud filesystem via a "view", and methods for
@@ -29,11 +30,10 @@ use OC\Files\Mount\MoveableMount;
  * \OC\Files\Storage\Storage object
  */
 class View {
+	/** @var string */
 	private $fakeRoot = '';
 
-	/**
-	 * @var \OC\Files\Cache\Updater
-	 */
+	/** @var \OC\Files\Cache\Updater */
 	protected $updater;
 
 	/**
@@ -116,7 +116,7 @@ class View {
 	 * get the mountpoint of the storage object for a path
 	 * ( note: because a storage is not always mounted inside the fakeroot, the
 	 * returned mountpoint is relative to the absolute root of the filesystem
-	 * and doesn't take the chroot into account )
+	 * and does not take the chroot into account )
 	 *
 	 * @param string $path
 	 * @return string
@@ -129,7 +129,7 @@ class View {
 	 * get the mountpoint of the storage object for a path
 	 * ( note: because a storage is not always mounted inside the fakeroot, the
 	 * returned mountpoint is relative to the absolute root of the filesystem
-	 * and doesn't take the chroot into account )
+	 * and does not take the chroot into account )
 	 *
 	 * @param string $path
 	 * @return \OCP\Files\Mount\IMountPoint
@@ -1532,7 +1532,32 @@ class View {
 	/**
 	 * @return Updater
 	 */
-	public function getUpdater(){
+	public function getUpdater() {
 		return $this->updater;
 	}
+
+	public function verifyPath($path, $fileName) {
+
+		// verify empty and dot files
+		$trimmed = trim($fileName);
+		if ($trimmed === '') {
+			throw new InvalidPathException('Empty filename is not allowed');
+		}
+		if ($trimmed === '.' || $trimmed === '..') {
+			throw new InvalidPathException('Dot files are not allowed');
+		}
+
+		// verify database - e.g. mysql only 3-byte chars
+		if (preg_match('%^(?:
+      \xF0[\x90-\xBF][\x80-\xBF]{2}      # planes 1-3
+    | [\xF1-\xF3][\x80-\xBF]{3}          # planes 4-15
+    | \xF4[\x80-\x8F][\x80-\xBF]{2}      # plane 16
+)*$%xs', $fileName)) {
+			throw new InvalidPathException('4-byte characters are not supported in file names');
+		}
+
+		/** @type \OCP\Files\Storage $storage */
+		list($storage, $internalPath) = $this->resolvePath($path);
+		$storage->verifyPath($internalPath, $fileName);
+	}
 }