necouchman commented on code in PR #615: URL: https://github.com/apache/guacamole-server/pull/615#discussion_r2322133191
########## src/libguac/file.c: ########## @@ -0,0 +1,245 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +#include "file-private.h" +#include "guacamole/error.h" +#include "guacamole/file.h" +#include "guacamole/mem.h" +#include "guacamole/string.h" + +#include <errno.h> +#include <fcntl.h> +#include <stddef.h> +#include <stdio.h> +#include <string.h> +#include <sys/stat.h> +#include <sys/types.h> +#include <unistd.h> + +/** + * Creates the directory with the given path. Where possible (non-Windows + * platforms), this directory is given "rwxr-x---" (0750) permissions. If the + * directory cannot be created, errno is set appropriately. + * + * @param path + * The full path of the directory to create. + * + * @return + * Zero if the directory was created successfully, non-zero otherwise. + */ +static int guac_mkdir(const char* path) { +#ifndef __MINGW32__ + return mkdir(path, S_IRWXU | S_IRGRP | S_IXGRP); +#else + return _mkdir(path); +#endif +} + +/** + * Attempts to acquire a lock on the file associated with the given file + * descriptor. The type of lock acquired is dictated by the read_lock flag. If + * the lock cannot be acquired. errno is set appropriately. Review Comment: `acquired. errno` -> `acquired, errno` ########## src/libguac/file.c: ########## @@ -0,0 +1,245 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +#include "file-private.h" +#include "guacamole/error.h" +#include "guacamole/file.h" +#include "guacamole/mem.h" +#include "guacamole/string.h" + +#include <errno.h> +#include <fcntl.h> +#include <stddef.h> +#include <stdio.h> +#include <string.h> +#include <sys/stat.h> +#include <sys/types.h> +#include <unistd.h> + +/** + * Creates the directory with the given path. Where possible (non-Windows + * platforms), this directory is given "rwxr-x---" (0750) permissions. If the + * directory cannot be created, errno is set appropriately. + * + * @param path + * The full path of the directory to create. + * + * @return + * Zero if the directory was created successfully, non-zero otherwise. + */ +static int guac_mkdir(const char* path) { +#ifndef __MINGW32__ + return mkdir(path, S_IRWXU | S_IRGRP | S_IXGRP); +#else + return _mkdir(path); +#endif +} + +/** + * Attempts to acquire a lock on the file associated with the given file + * descriptor. The type of lock acquired is dictated by the read_lock flag. If + * the lock cannot be acquired. errno is set appropriately. + * + * This function currently has no effet under Windows and simply returns + * success. + * + * @param fd + * The file descriptor of the file to lock. + * + * @param read_lock + * Whether the lock acquired should be a read lock (non-zero) or a write + * lock (zero). + * + * @return + * Zero if the lock was successfully acquired, non-zero on error. + */ +static int guac_flock(int fd, int read_lock) { + +#ifndef __MINGW32__ + /* Translate requested file open flags (read-only vs. read/write) into + * the relevant kind of lock */ + struct flock file_lock = { + .l_type = read_lock ? F_RDLCK : F_WRLCK, + .l_whence = SEEK_SET, + .l_start = 0, + .l_len = 0, + .l_pid = getpid() + }; + + /* Abort if file cannot be locked */ + return fcntl(fd, F_SETLK, &file_lock) == -1; +#else + return 0; +#endif + +} + +int guac_is_filename(const char* filename) { + + /* Verify no references to current or parent directory */ + if (strcmp(filename, "..") == 0 || strcmp(filename, ".") == 0) + return 0; + + /* Verify no path separators are present in filename */ + for (const char* current = filename; *current != '\0'; current++) { + if (*current == '/' || *current == '\\') + return 0; + } + + return 1; + +} + +int guac_openat(const char* path, const char* filename, + const guac_open_how* how) { + + int dir_fd = -1; + int fd = -1; + + /* Verify only the path contains any path separators, etc. */ Review Comment: This comment seems a little off to me - maybe `verify that the filename does not contain path separators`? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
