Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(518)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: base/file_util_win.cc

Issue 12223014: Add path traversal protection to Move and CopyFile too. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Created 7 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « base/file_util_unittest.cc ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "base/file_util.h" 5 #include "base/file_util.h"
6 6
7 #include <windows.h> 7 #include <windows.h>
8 #include <psapi.h> 8 #include <psapi.h>
9 #include <shellapi.h> 9 #include <shellapi.h>
10 #include <shlobj.h> 10 #include <shlobj.h>
(...skipping 120 matching lines...) Expand 10 before | Expand all | Expand 10 after
131 base::ThreadRestrictions::AssertIOAllowed(); 131 base::ThreadRestrictions::AssertIOAllowed();
132 132
133 if (path.value().length() >= MAX_PATH) 133 if (path.value().length() >= MAX_PATH)
134 return false; 134 return false;
135 135
136 return MoveFileEx(path.value().c_str(), NULL, 136 return MoveFileEx(path.value().c_str(), NULL,
137 MOVEFILE_DELAY_UNTIL_REBOOT | 137 MOVEFILE_DELAY_UNTIL_REBOOT |
138 MOVEFILE_REPLACE_EXISTING) != FALSE; 138 MOVEFILE_REPLACE_EXISTING) != FALSE;
139 } 139 }
140 140
141 bool Move(const FilePath& from_path, const FilePath& to_path) { 141 bool MoveUnsafe(const FilePath& from_path, const FilePath& to_path) {
142 base::ThreadRestrictions::AssertIOAllowed(); 142 base::ThreadRestrictions::AssertIOAllowed();
143 143
144 // NOTE: I suspect we could support longer paths, but that would involve 144 // NOTE: I suspect we could support longer paths, but that would involve
145 // analyzing all our usage of files. 145 // analyzing all our usage of files.
146 if (from_path.value().length() >= MAX_PATH || 146 if (from_path.value().length() >= MAX_PATH ||
147 to_path.value().length() >= MAX_PATH) { 147 to_path.value().length() >= MAX_PATH) {
148 return false; 148 return false;
149 } 149 }
150 if (MoveFileEx(from_path.value().c_str(), to_path.value().c_str(), 150 if (MoveFileEx(from_path.value().c_str(), to_path.value().c_str(),
151 MOVEFILE_COPY_ALLOWED | MOVEFILE_REPLACE_EXISTING) != 0) 151 MOVEFILE_COPY_ALLOWED | MOVEFILE_REPLACE_EXISTING) != 0)
(...skipping 30 matching lines...) Expand all
182 // succeed when |to_path| does exist. When writing to a network share, we may 182 // succeed when |to_path| does exist. When writing to a network share, we may
183 // not be able to change the ACLs. Ignore ACL errors then 183 // not be able to change the ACLs. Ignore ACL errors then
184 // (REPLACEFILE_IGNORE_MERGE_ERRORS). 184 // (REPLACEFILE_IGNORE_MERGE_ERRORS).
185 if (::ReplaceFile(to_path.value().c_str(), from_path.value().c_str(), NULL, 185 if (::ReplaceFile(to_path.value().c_str(), from_path.value().c_str(), NULL,
186 REPLACEFILE_IGNORE_MERGE_ERRORS, NULL, NULL)) { 186 REPLACEFILE_IGNORE_MERGE_ERRORS, NULL, NULL)) {
187 return true; 187 return true;
188 } 188 }
189 return false; 189 return false;
190 } 190 }
191 191
192 bool CopyFile(const FilePath& from_path, const FilePath& to_path) { 192 bool CopyFileUnsafe(const FilePath& from_path, const FilePath& to_path) {
193 base::ThreadRestrictions::AssertIOAllowed(); 193 base::ThreadRestrictions::AssertIOAllowed();
194 194
195 // NOTE: I suspect we could support longer paths, but that would involve 195 // NOTE: I suspect we could support longer paths, but that would involve
196 // analyzing all our usage of files. 196 // analyzing all our usage of files.
197 if (from_path.value().length() >= MAX_PATH || 197 if (from_path.value().length() >= MAX_PATH ||
198 to_path.value().length() >= MAX_PATH) { 198 to_path.value().length() >= MAX_PATH) {
199 return false; 199 return false;
200 } 200 }
201 return (::CopyFile(from_path.value().c_str(), to_path.value().c_str(), 201 return (::CopyFile(from_path.value().c_str(), to_path.value().c_str(),
202 false) != 0); 202 false) != 0);
(...skipping 739 matching lines...) Expand 10 before | Expand all | Expand 10 after
942 HANDLE cp = GetCurrentProcess(); 942 HANDLE cp = GetCurrentProcess();
943 if (::GetMappedFileNameW(cp, file_view, mapped_file_path, kMaxPathLength)) { 943 if (::GetMappedFileNameW(cp, file_view, mapped_file_path, kMaxPathLength)) {
944 *nt_path = FilePath(mapped_file_path); 944 *nt_path = FilePath(mapped_file_path);
945 success = true; 945 success = true;
946 } 946 }
947 ::UnmapViewOfFile(file_view); 947 ::UnmapViewOfFile(file_view);
948 return success; 948 return success;
949 } 949 }
950 950
951 } // namespace file_util 951 } // namespace file_util
OLDNEW
« no previous file with comments | « base/file_util_unittest.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698