| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "nacl_io/html5fs/html5_fs.h" | 5 #include "nacl_io/html5fs/html5_fs.h" |
| 6 | 6 |
| 7 #include <errno.h> | 7 #include <errno.h> |
| 8 #include <fcntl.h> | 8 #include <fcntl.h> |
| 9 #include <stdlib.h> | 9 #include <stdlib.h> |
| 10 #include <string.h> | 10 #include <string.h> |
| (...skipping 27 matching lines...) Expand all Loading... |
| 38 } | 38 } |
| 39 return hash; | 39 return hash; |
| 40 } | 40 } |
| 41 | 41 |
| 42 ino_t Html5Fs::HashPath(const Path& path) { | 42 ino_t Html5Fs::HashPath(const Path& path) { |
| 43 // Prime the DJB2a hash | 43 // Prime the DJB2a hash |
| 44 ino_t hash = 5381; | 44 ino_t hash = 5381; |
| 45 | 45 |
| 46 // Apply a running DJB2a to each part of the path | 46 // Apply a running DJB2a to each part of the path |
| 47 for (size_t segment = 0; segment < path.Size(); segment++) { | 47 for (size_t segment = 0; segment < path.Size(); segment++) { |
| 48 const char *ptr = path.Part(segment).c_str(); | 48 std::string part = path.Part(segment); |
| 49 size_t len = path.Part(segment).length(); | 49 hash = HashPathSegment(hash, part.c_str(), part.length()); |
| 50 hash = HashPathSegment(hash, ptr, len); | |
| 51 } | 50 } |
| 52 return hash; | 51 return hash; |
| 53 } | 52 } |
| 54 | 53 |
| 55 | 54 |
| 56 // For HTML5, the INO should be the one used by the system, however PPAPI | 55 // For HTML5, the INO should be the one used by the system, however PPAPI |
| 57 // does not provide access to the real INO. Instead, since HTML5 does not | 56 // does not provide access to the real INO. Instead, since HTML5 does not |
| 58 // suport links, we assume that files are unique based on path to the base | 57 // suport links, we assume that files are unique based on path to the base |
| 59 // of the mount. | 58 // of the mount. |
| 60 void Html5Fs::OnNodeCreated(Node* node) { | 59 void Html5Fs::OnNodeCreated(Node* node) { |
| 61 node->stat_.st_dev = dev_; | 60 node->stat_.st_dev = dev_; |
| 62 } | 61 } |
| 63 | 62 |
| 64 void Html5Fs::OnNodeDestroyed(Node* node) {} | 63 void Html5Fs::OnNodeDestroyed(Node* node) {} |
| 65 | 64 |
| 66 | 65 |
| 67 Error Html5Fs::OpenWithMode(const Path& path, int open_flags, mode_t mode, | 66 Error Html5Fs::OpenWithMode(const Path& path, int open_flags, mode_t mode, |
| 68 ScopedNode* out_node) { | 67 ScopedNode* out_node) { |
| 69 out_node->reset(NULL); | 68 out_node->reset(NULL); |
| 70 Error error = BlockUntilFilesystemOpen(); | 69 Error error = BlockUntilFilesystemOpen(); |
| 71 if (error) | 70 if (error) |
| 72 return error; | 71 return error; |
| 73 | 72 |
| 73 std::string full_path(GetFullPath(path).Join()); |
| 74 PP_Resource fileref = file_ref_iface_->Create( | 74 PP_Resource fileref = file_ref_iface_->Create( |
| 75 filesystem_resource_, GetFullPath(path).Join().c_str()); | 75 filesystem_resource_, full_path.c_str()); |
| 76 if (!fileref) | 76 if (!fileref) |
| 77 return ENOENT; | 77 return ENOENT; |
| 78 | 78 |
| 79 ScopedNode node(new Html5FsNode(this, fileref)); | 79 ScopedNode node(new Html5FsNode(this, fileref)); |
| 80 error = node->Init(open_flags); | 80 error = node->Init(open_flags); |
| 81 | 81 |
| 82 // Set the INO based on the path | 82 // Set the INO based on the path |
| 83 node->stat_.st_ino = HashPath(path); | 83 node->stat_.st_ino = HashPath(path); |
| 84 | 84 |
| 85 if (error) | 85 if (error) |
| (...skipping 21 matching lines...) Expand all Loading... |
| 107 Error Html5Fs::Mkdir(const Path& path, int permissions) { | 107 Error Html5Fs::Mkdir(const Path& path, int permissions) { |
| 108 Error error = BlockUntilFilesystemOpen(); | 108 Error error = BlockUntilFilesystemOpen(); |
| 109 if (error) | 109 if (error) |
| 110 return error; | 110 return error; |
| 111 | 111 |
| 112 // FileRef returns PP_ERROR_NOACCESS which is translated to EACCES if you | 112 // FileRef returns PP_ERROR_NOACCESS which is translated to EACCES if you |
| 113 // try to create the root directory. EEXIST is a better errno here. | 113 // try to create the root directory. EEXIST is a better errno here. |
| 114 if (path.IsRoot()) | 114 if (path.IsRoot()) |
| 115 return EEXIST; | 115 return EEXIST; |
| 116 | 116 |
| 117 std::string full_path(GetFullPath(path).Join()); |
| 117 ScopedResource fileref_resource( | 118 ScopedResource fileref_resource( |
| 118 ppapi(), | 119 ppapi(), |
| 119 file_ref_iface_->Create(filesystem_resource_, | 120 file_ref_iface_->Create(filesystem_resource_, full_path.c_str())); |
| 120 GetFullPath(path).Join().c_str())); | |
| 121 if (!fileref_resource.pp_resource()) | 121 if (!fileref_resource.pp_resource()) |
| 122 return ENOENT; | 122 return ENOENT; |
| 123 | 123 |
| 124 int32_t result = file_ref_iface_->MakeDirectory( | 124 int32_t result = file_ref_iface_->MakeDirectory( |
| 125 fileref_resource.pp_resource(), PP_FALSE, PP_BlockUntilComplete()); | 125 fileref_resource.pp_resource(), PP_FALSE, PP_BlockUntilComplete()); |
| 126 if (result != PP_OK) | 126 if (result != PP_OK) |
| 127 return PPErrorToErrno(result); | 127 return PPErrorToErrno(result); |
| 128 | 128 |
| 129 return 0; | 129 return 0; |
| 130 } | 130 } |
| 131 | 131 |
| 132 Error Html5Fs::Rmdir(const Path& path) { | 132 Error Html5Fs::Rmdir(const Path& path) { |
| 133 return RemoveInternal(path, REMOVE_DIR); | 133 return RemoveInternal(path, REMOVE_DIR); |
| 134 } | 134 } |
| 135 | 135 |
| 136 Error Html5Fs::Remove(const Path& path) { | 136 Error Html5Fs::Remove(const Path& path) { |
| 137 return RemoveInternal(path, REMOVE_ALL); | 137 return RemoveInternal(path, REMOVE_ALL); |
| 138 } | 138 } |
| 139 | 139 |
| 140 Error Html5Fs::RemoveInternal(const Path& path, int remove_type) { | 140 Error Html5Fs::RemoveInternal(const Path& path, int remove_type) { |
| 141 Error error = BlockUntilFilesystemOpen(); | 141 Error error = BlockUntilFilesystemOpen(); |
| 142 if (error) | 142 if (error) |
| 143 return error; | 143 return error; |
| 144 | 144 |
| 145 std::string full_path(GetFullPath(path).Join()); |
| 145 ScopedResource fileref_resource( | 146 ScopedResource fileref_resource( |
| 146 ppapi(), | 147 ppapi(), |
| 147 file_ref_iface_->Create(filesystem_resource_, | 148 file_ref_iface_->Create(filesystem_resource_, full_path.c_str())); |
| 148 GetFullPath(path).Join().c_str())); | |
| 149 if (!fileref_resource.pp_resource()) | 149 if (!fileref_resource.pp_resource()) |
| 150 return ENOENT; | 150 return ENOENT; |
| 151 | 151 |
| 152 // Check file type | 152 // Check file type |
| 153 if (remove_type != REMOVE_ALL) { | 153 if (remove_type != REMOVE_ALL) { |
| 154 PP_FileInfo file_info; | 154 PP_FileInfo file_info; |
| 155 int32_t query_result = file_ref_iface_->Query( | 155 int32_t query_result = file_ref_iface_->Query( |
| 156 fileref_resource.pp_resource(), &file_info, PP_BlockUntilComplete()); | 156 fileref_resource.pp_resource(), &file_info, PP_BlockUntilComplete()); |
| 157 if (query_result != PP_OK) { | 157 if (query_result != PP_OK) { |
| 158 if (query_result == PP_ERROR_FILENOTFOUND) { | 158 if (query_result == PP_ERROR_FILENOTFOUND) { |
| (...skipping 180 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 339 } | 339 } |
| 340 | 340 |
| 341 void Html5Fs::FilesystemOpenCallback(int32_t result) { | 341 void Html5Fs::FilesystemOpenCallback(int32_t result) { |
| 342 AUTO_LOCK(filesysem_open_lock_); | 342 AUTO_LOCK(filesysem_open_lock_); |
| 343 filesystem_open_has_result_ = true; | 343 filesystem_open_has_result_ = true; |
| 344 filesystem_open_error_ = PPErrorToErrno(result); | 344 filesystem_open_error_ = PPErrorToErrno(result); |
| 345 pthread_cond_signal(&filesystem_open_cond_); | 345 pthread_cond_signal(&filesystem_open_cond_); |
| 346 } | 346 } |
| 347 | 347 |
| 348 } // namespace nacl_io | 348 } // namespace nacl_io |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1062463004:
[NaCl SDK] nacl_io: Fix use-after-free bug in html5fs (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master