webkit/browser/database/database_util.cc - Issue 199153003: Look closer at the components of vfsfilenames that are used filenames.

Unified Diff: webkit/browser/database/database_util.cc

Issue 199153003: Look closer at the components of vfsfilenames that are used filenames. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Created 6 years, 9 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: webkit/browser/database/database_util.cc

diff --git a/webkit/browser/database/database_util.cc b/webkit/browser/database/database_util.cc

index bfa08791b05251ee6d91c1ba34c0746c021eb6db..14a54551ae7af91d8eaed4b9abf78a702816ff67 100644

--- a/webkit/browser/database/database_util.cc

+++ b/webkit/browser/database/database_util.cc

@@ -8,9 +8,30 @@

#include "base/strings/utf_string_conversions.h"

#include "webkit/browser/database/database_tracker.h"

#include "webkit/browser/database/vfs_backend.h"

+#include "webkit/common/database/database_identifier.h"

namespace webkit_database {

+namespace {

+bool IsSafeSuffix(const base::string16& suffix) {

+ base::char16 prev_c = 0;

+ for (base::string16::const_iterator it = suffix.begin();

+ it < suffix.end(); ++it) {

+ base::char16 c = *it;

+ if (!(IsAsciiAlpha(c) || IsAsciiDigit(c) ||

michaeln 2014/06/09 18:30:58 here it is...

+ c == '-' || c == '.' || c == '_')) {

+ return false;

+ }

+ if (c == '.' && prev_c == '.')

+ return false;

+ prev_c = c;

+ }

+ return true;

const char DatabaseUtil::kJournalFileSuffix[] = "-journal";

bool DatabaseUtil::CrackVfsFileName(const base::string16& vfs_file_name,

@@ -31,18 +52,27 @@ bool DatabaseUtil::CrackVfsFileName(const base::string16& vfs_file_name,

return false;

}

- if (origin_identifier) {

- *origin_identifier = base::UTF16ToASCII(

+ std::string origin_id = base::UTF16ToASCII(

vfs_file_name.substr(0, first_slash_index));

- }

+ if (!IsValidOriginIdentifier(origin_id))

+ return false;

+ base::string16 suffix = vfs_file_name.substr(

+ last_pound_index + 1, vfs_file_name.length() - last_pound_index - 1);

+ if (!IsSafeSuffix(suffix))

+ return false;

+ if (origin_identifier)

+ *origin_identifier = origin_id;

if (database_name) {

*database_name = vfs_file_name.substr(

first_slash_index + 1, last_pound_index - first_slash_index - 1);

}

- if (sqlite_suffix) {

- *sqlite_suffix = vfs_file_name.substr(

- last_pound_index + 1, vfs_file_name.length() - last_pound_index - 1);

- }

+ if (sqlite_suffix)

+ *sqlite_suffix = suffix;

return true;

}

@@ -72,14 +102,7 @@ base::FilePath DatabaseUtil::GetFullFilePathForVfsFile(

bool DatabaseUtil::IsValidOriginIdentifier(

const std::string& origin_identifier) {

- std::string dotdot = "..";

- char forbidden[] = {'\\', '/', '\0'};

- std::string::size_type pos = origin_identifier.find(dotdot);

- if (pos == std::string::npos)

- pos = origin_identifier.find_first_of(forbidden, 0, arraysize(forbidden));

- return pos == std::string::npos;

+ return GetOriginFromIdentifier(origin_identifier).is_valid();

}

} // namespace webkit_database

« no previous file with comments | « no previous file | webkit/browser/database/database_util_unittest.cc » ('j') | webkit/common/database/database_identifier.cc » ('J')