Index: webkit/fileapi/file_system_file_util.cc |
diff --git a/webkit/fileapi/file_system_file_util.cc b/webkit/fileapi/file_system_file_util.cc |
index 9349ad0368a474e5674ed1410fcb958693e22890..97cb87050c0f2ada79f86e30607a891f93d0be21 100644 |
--- a/webkit/fileapi/file_system_file_util.cc |
+++ b/webkit/fileapi/file_system_file_util.cc |
@@ -80,6 +80,13 @@ PlatformFileError FileSystemFileUtil::GetFileInfo( |
FilePath* platform_file_path) { |
if (!file_util::PathExists(file_path)) |
return base::PLATFORM_FILE_ERROR_NOT_FOUND; |
+#if defined(OS_CHROMEOS) |
+ // TODO(rkc): Fix this hack once we have refactored file_util to handle |
+ // symlinks correctly. This check prevents handled extensions from accessing |
+ // links |
+ if (file_util::IsLink(file_path)) |
Evan Martin
2011/05/27 20:57:09
Can you make this function local to this file? Th
|
+ return base::PLATFORM_FILE_ERROR_NOT_FOUND; |
+#endif |
if (!file_util::GetFileInfo(file_path, file_info)) |
return base::PLATFORM_FILE_ERROR_FAILED; |
*platform_file_path = file_path; |
@@ -107,6 +114,12 @@ PlatformFileError FileSystemFileUtil::ReadDirectory( |
// This will just give the entry's name instead of entire path |
// if we use current.value(). |
entry.name = file_util::FileEnumerator::GetFilename(info).value(); |
+#if defined(OS_CHROMEOS) |
+ // TODO(rkc): Fix this also once we've refactored file_util |
+ // This currently just prevents a file from showing up at all |
+ // if it's a link, hence preventing arbitary 'read' exploits |
+ if (!file_util::IsLink(file_path.Append(entry.name))) |
+#endif |
entries->push_back(entry); |
} |
return base::PLATFORM_FILE_OK; |