Disallow links from being seen by the extensions via the fileapi.

webkit/fileapi/file_system_file_util.cc

Index: webkit/fileapi/file_system_file_util.cc
diff --git a/webkit/fileapi/file_system_file_util.cc b/webkit/fileapi/file_system_file_util.cc
index 9349ad0368a474e5674ed1410fcb958693e22890..46a7804d9216846ff00afcfb0ff61635fc7a421b 100644
--- a/webkit/fileapi/file_system_file_util.cc
+++ b/webkit/fileapi/file_system_file_util.cc
@@ -80,6 +80,11 @@ PlatformFileError FileSystemFileUtil::GetFileInfo(
     FilePath* platform_file_path) {
   if (!file_util::PathExists(file_path))
     return base::PLATFORM_FILE_ERROR_NOT_FOUND;
+  // TODO(rkc): Fix this hack once we have refactored file_util to handle
+  // symlinks correctly. This check prevents handled extensions from accessing
+  // links

[Evan Martin, 2011/05/31 21:22:32]

Can you describe how this is a hack?  Or link to a bug number?

[rkc, 2011/05/31 21:49:56]

Done.

+  if (file_util::IsLink(file_path))
+    return base::PLATFORM_FILE_ERROR_NOT_FOUND;
   if (!file_util::GetFileInfo(file_path, file_info))
     return base::PLATFORM_FILE_ERROR_FAILED;
   *platform_file_path = file_path;
@@ -107,6 +112,10 @@ PlatformFileError FileSystemFileUtil::ReadDirectory(
     // This will just give the entry's name instead of entire path
     // if we use current.value().
     entry.name = file_util::FileEnumerator::GetFilename(info).value();
+    // TODO(rkc): Fix this also once we've refactored file_util
+    // This currently just prevents a file from showing up at all
+    // if it's a link, hence preventing arbitary 'read' exploits
+    if (!file_util::IsLink(file_path.Append(entry.name)))
     entries->push_back(entry);

[Evan Martin, 2011/05/31 21:22:32]

tabbing wrong here.

[rkc, 2011/05/31 21:49:56]

Done.

   }
   return base::PLATFORM_FILE_OK;