Chromium Code Reviews Chromium Code Reviews
Issue 1770313004:
Not saving whitelist icon paths that reference the parent. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/component_updater/supervised_user_whitelist_installer.h " | 5 #include "chrome/browser/component_updater/supervised_user_whitelist_installer.h " |
| 6 | 6 |
| 7 #include <stddef.h> | 7 #include <stddef.h> |
| 8 #include <utility> | 8 #include <utility> |
| 9 | 9 |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| (...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 59 const char kExtensionIcons[] = "icons"; | 59 const char kExtensionIcons[] = "icons"; |
| 60 const char kExtensionLargeIcon[] = "128"; | 60 const char kExtensionLargeIcon[] = "128"; |
| 61 | 61 |
| 62 base::string16 GetWhitelistTitle(const base::DictionaryValue& manifest) { | 62 base::string16 GetWhitelistTitle(const base::DictionaryValue& manifest) { |
| 63 base::string16 title; | 63 base::string16 title; |
| 64 if (!manifest.GetString(kExtensionShortName, &title)) | 64 if (!manifest.GetString(kExtensionShortName, &title)) |
| 65 manifest.GetString(kExtensionName, &title); | 65 manifest.GetString(kExtensionName, &title); |
| 66 return title; | 66 return title; |
| 67 } | 67 } |
| 68 | 68 |
| 69 base::FilePath GetSafeFilePath(const base::DictionaryValue& dictionary, | |
| 70 const std::string& key, | |
| 71 const base::FilePath& install_dir) { | |
| 72 base::FilePath path; | |
|
Bernhard Bauer
2016/03/15 09:34:52
Move this to where it's used.
atanasova
2016/03/15 11:22:05
Done.
| |
| 73 const base::Value* path_value = nullptr; | |
| 74 if (!dictionary.Get(key, &path_value)) | |
| 75 return base::FilePath(); | |
| 76 if (!base::GetValueAsFilePath(*path_value, &path)) | |
| 77 return base::FilePath(); | |
| 78 // Path components ("..") are not allowed. | |
| 79 if (path.ReferencesParent()) | |
| 80 return base::FilePath(); | |
| 81 | |
| 82 return install_dir.Append(path); | |
| 83 } | |
| 84 | |
| 69 base::FilePath GetLargeIconPath(const base::DictionaryValue& manifest, | 85 base::FilePath GetLargeIconPath(const base::DictionaryValue& manifest, |
| 70 const base::FilePath& install_dir) { | 86 const base::FilePath& install_dir) { |
| 71 const base::DictionaryValue* icons = nullptr; | 87 const base::DictionaryValue* icons = nullptr; |
| 72 if (!manifest.GetDictionary(kExtensionIcons, &icons)) | 88 if (!manifest.GetDictionary(kExtensionIcons, &icons)) |
| 73 return base::FilePath(); | 89 return base::FilePath(); |
| 74 | 90 |
| 75 base::FilePath path; | 91 return GetSafeFilePath(*icons, kExtensionLargeIcon, install_dir); |
| 76 const base::Value* path_value = nullptr; | |
| 77 if (!icons->Get(kExtensionLargeIcon, &path_value)) | |
| 78 return base::FilePath(); | |
| 79 if (!base::GetValueAsFilePath(*path_value, &path)) | |
| 80 return base::FilePath(); | |
| 81 | |
| 82 return install_dir.Append(path); | |
| 83 } | 92 } |
| 84 | 93 |
| 85 base::FilePath GetRawWhitelistPath(const base::DictionaryValue& manifest, | 94 base::FilePath GetRawWhitelistPath(const base::DictionaryValue& manifest, |
| 86 const base::FilePath& install_dir) { | 95 const base::FilePath& install_dir) { |
| 87 const base::DictionaryValue* whitelist_dict = nullptr; | 96 const base::DictionaryValue* whitelist_dict = nullptr; |
| 88 if (!manifest.GetDictionary(kWhitelistedContent, &whitelist_dict)) | 97 if (!manifest.GetDictionary(kWhitelistedContent, &whitelist_dict)) |
| 89 return base::FilePath(); | 98 return base::FilePath(); |
| 90 | 99 |
| 91 base::FilePath whitelist_file; | 100 return GetSafeFilePath(*whitelist_dict, kSites, install_dir); |
| 92 const base::Value* whitelist_file_value = nullptr; | |
| 93 if (!whitelist_dict->Get(kSites, &whitelist_file_value)) | |
| 94 return base::FilePath(); | |
| 95 if (!base::GetValueAsFilePath(*whitelist_file_value, &whitelist_file)) | |
| 96 return base::FilePath(); | |
| 97 | |
| 98 return install_dir.Append(whitelist_file); | |
| 99 } | 101 } |
| 100 | 102 |
| 101 base::FilePath GetSanitizedWhitelistPath(const std::string& crx_id) { | 103 base::FilePath GetSanitizedWhitelistPath(const std::string& crx_id) { |
| 102 base::FilePath base_dir; | 104 base::FilePath base_dir; |
| 103 PathService::Get(chrome::DIR_SUPERVISED_USER_INSTALLED_WHITELISTS, &base_dir); | 105 PathService::Get(chrome::DIR_SUPERVISED_USER_INSTALLED_WHITELISTS, &base_dir); |
| 104 return base_dir.empty() | 106 return base_dir.empty() |
| 105 ? base::FilePath() | 107 ? base::FilePath() |
| 106 : base_dir.AppendASCII(crx_id + kSanitizedWhitelistExtension); | 108 : base_dir.AppendASCII(crx_id + kSanitizedWhitelistExtension); |
| 107 } | 109 } |
| 108 | 110 |
| (...skipping 507 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 616 | 618 |
| 617 // static | 619 // static |
| 618 void SupervisedUserWhitelistInstaller::TriggerComponentUpdate( | 620 void SupervisedUserWhitelistInstaller::TriggerComponentUpdate( |
| 619 OnDemandUpdater* updater, | 621 OnDemandUpdater* updater, |
| 620 const std::string& crx_id) { | 622 const std::string& crx_id) { |
| 621 const bool result = updater->OnDemandUpdate(crx_id); | 623 const bool result = updater->OnDemandUpdate(crx_id); |
| 622 DCHECK(result); | 624 DCHECK(result); |
| 623 } | 625 } |
| 624 | 626 |
| 625 } // namespace component_updater | 627 } // namespace component_updater |
| OLD | NEW |
