Disallow links from being seen by the extensions via the fileapi.

webkit/fileapi/file_system_file_util.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "webkit/fileapi/file_system_file_util.h"
 
 #include <stack>
 
 #include "base/file_util_proxy.h"
 #include "base/logging.h"
@@ skipping 62 matching lines @@
   return base::PLATFORM_FILE_OK;
 }
 
 PlatformFileError FileSystemFileUtil::GetFileInfo(
     FileSystemOperationContext* unused,
     const FilePath& file_path,
     base::PlatformFileInfo* file_info,
     FilePath* platform_file_path) {
   if (!file_util::PathExists(file_path))
     return base::PLATFORM_FILE_ERROR_NOT_FOUND;
+  // TODO(rkc): Fix this hack once we have refactored file_util to handle
+  // symlinks correctly. This check prevents handled extensions from accessing
+  // links

[Evan Martin, 2011/05/31 21:22:32]

Can you describe how this is a hack?  Or link to a bug number?

[rkc, 2011/05/31 21:49:56]

Done.

+  if (file_util::IsLink(file_path))
+    return base::PLATFORM_FILE_ERROR_NOT_FOUND;
   if (!file_util::GetFileInfo(file_path, file_info))
     return base::PLATFORM_FILE_ERROR_FAILED;
   *platform_file_path = file_path;
   return base::PLATFORM_FILE_OK;
 }
 
 PlatformFileError FileSystemFileUtil::ReadDirectory(
     FileSystemOperationContext* unused,
     const FilePath& file_path,
     std::vector<base::FileUtilProxy::Entry>* entries) {
   // TODO(kkanetkar): Implement directory read in multiple chunks.
   if (!file_util::DirectoryExists(file_path))
     return base::PLATFORM_FILE_ERROR_NOT_FOUND;
 
   file_util::FileEnumerator file_enum(
       file_path, false, static_cast<file_util::FileEnumerator::FILE_TYPE>(
       file_util::FileEnumerator::FILES |
       file_util::FileEnumerator::DIRECTORIES));
   FilePath current;
   while (!(current = file_enum.Next()).empty()) {
     base::FileUtilProxy::Entry entry;
     file_util::FileEnumerator::FindInfo info;
     file_enum.GetFindInfo(&info);
     entry.is_directory = file_enum.IsDirectory(info);
     // This will just give the entry's name instead of entire path
     // if we use current.value().
     entry.name = file_util::FileEnumerator::GetFilename(info).value();
+    // TODO(rkc): Fix this also once we've refactored file_util
+    // This currently just prevents a file from showing up at all
+    // if it's a link, hence preventing arbitary 'read' exploits
+    if (!file_util::IsLink(file_path.Append(entry.name)))
     entries->push_back(entry);

[Evan Martin, 2011/05/31 21:22:32]

tabbing wrong here.

[rkc, 2011/05/31 21:49:56]

Done.

   }
   return base::PLATFORM_FILE_OK;
 }
 
 PlatformFileError FileSystemFileUtil::CreateDirectory(
     FileSystemOperationContext* unused,
     const FilePath& file_path,
     bool exclusive,
     bool recursive) {
   // If parent dir of file doesn't exist.
@@ skipping 324 matching lines @@
 FileSystemFileUtil::CreateFileEnumerator(
     FileSystemOperationContext* unused,
     const FilePath& root_path) {
   return new FileSystemFileEnumerator(
       root_path, true, static_cast<file_util::FileEnumerator::FILE_TYPE>(
       file_util::FileEnumerator::FILES |
       file_util::FileEnumerator::DIRECTORIES));
 }
 
 }  // namespace fileapi