| Index: third_party/libxslt/libxslt/security.c
|
| diff --git a/third_party/libxslt/libxslt/security.c b/third_party/libxslt/libxslt/security.c
|
| deleted file mode 100644
|
| index 89de90bd3f1ebdb09310f562a35bcd599824b379..0000000000000000000000000000000000000000
|
| --- a/third_party/libxslt/libxslt/security.c
|
| +++ /dev/null
|
| @@ -1,480 +0,0 @@
|
| -/*
|
| - * security.c: Implementation of the XSLT security framework
|
| - *
|
| - * See Copyright for the status of this software.
|
| - *
|
| - * daniel@veillard.com
|
| - */
|
| -
|
| -#define IN_LIBXSLT
|
| -#include "libxslt.h"
|
| -
|
| -#include <string.h>
|
| -
|
| -#ifdef HAVE_SYS_TYPES_H
|
| -#include <sys/types.h>
|
| -#endif
|
| -#ifdef HAVE_SYS_STAT_H
|
| -#include <sys/stat.h>
|
| -#endif
|
| -
|
| -#ifdef HAVE_MATH_H
|
| -#include <math.h>
|
| -#endif
|
| -#ifdef HAVE_FLOAT_H
|
| -#include <float.h>
|
| -#endif
|
| -#ifdef HAVE_IEEEFP_H
|
| -#include <ieeefp.h>
|
| -#endif
|
| -#ifdef HAVE_NAN_H
|
| -#include <nan.h>
|
| -#endif
|
| -#ifdef HAVE_CTYPE_H
|
| -#include <ctype.h>
|
| -#endif
|
| -
|
| -#if defined(WIN32) && !defined(__CYGWIN__)
|
| -#include <windows.h>
|
| -#ifndef INVALID_FILE_ATTRIBUTES
|
| -#define INVALID_FILE_ATTRIBUTES ((DWORD)-1)
|
| -#endif
|
| -#endif
|
| -
|
| -#ifndef HAVE_STAT
|
| -# ifdef HAVE__STAT
|
| - /* MS C library seems to define stat and _stat. The definition
|
| - * is identical. Still, mapping them to each other causes a warning. */
|
| -# ifndef _MSC_VER
|
| -# define stat(x,y) _stat(x,y)
|
| -# endif
|
| -# define HAVE_STAT
|
| -# endif
|
| -#endif
|
| -
|
| -#include <libxml/xmlmemory.h>
|
| -#include <libxml/tree.h>
|
| -#include <libxml/uri.h>
|
| -#include "xslt.h"
|
| -#include "xsltInternals.h"
|
| -#include "xsltutils.h"
|
| -#include "extensions.h"
|
| -#include "security.h"
|
| -
|
| -
|
| -struct _xsltSecurityPrefs {
|
| - xsltSecurityCheck readFile;
|
| - xsltSecurityCheck createFile;
|
| - xsltSecurityCheck createDir;
|
| - xsltSecurityCheck readNet;
|
| - xsltSecurityCheck writeNet;
|
| -};
|
| -
|
| -static xsltSecurityPrefsPtr xsltDefaultSecurityPrefs = NULL;
|
| -
|
| -/************************************************************************
|
| - * *
|
| - * Module interfaces *
|
| - * *
|
| - ************************************************************************/
|
| -
|
| -/**
|
| - * xsltNewSecurityPrefs:
|
| - *
|
| - * Create a new security preference block
|
| - *
|
| - * Returns a pointer to the new block or NULL in case of error
|
| - */
|
| -xsltSecurityPrefsPtr
|
| -xsltNewSecurityPrefs(void) {
|
| - xsltSecurityPrefsPtr ret;
|
| -
|
| - xsltInitGlobals();
|
| -
|
| - ret = (xsltSecurityPrefsPtr) xmlMalloc(sizeof(xsltSecurityPrefs));
|
| - if (ret == NULL) {
|
| - xsltTransformError(NULL, NULL, NULL,
|
| - "xsltNewSecurityPrefs : malloc failed\n");
|
| - return(NULL);
|
| - }
|
| - memset(ret, 0, sizeof(xsltSecurityPrefs));
|
| - return(ret);
|
| -}
|
| -
|
| -/**
|
| - * xsltFreeSecurityPrefs:
|
| - * @sec: the security block to free
|
| - *
|
| - * Free up a security preference block
|
| - */
|
| -void
|
| -xsltFreeSecurityPrefs(xsltSecurityPrefsPtr sec) {
|
| - if (sec == NULL)
|
| - return;
|
| - xmlFree(sec);
|
| -}
|
| -
|
| -/**
|
| - * xsltSetSecurityPrefs:
|
| - * @sec: the security block to update
|
| - * @option: the option to update
|
| - * @func: the user callback to use for this option
|
| - *
|
| - * Update the security option to use the new callback checking function
|
| - *
|
| - * Returns -1 in case of error, 0 otherwise
|
| - */
|
| -int
|
| -xsltSetSecurityPrefs(xsltSecurityPrefsPtr sec, xsltSecurityOption option,
|
| - xsltSecurityCheck func) {
|
| - xsltInitGlobals();
|
| - if (sec == NULL)
|
| - return(-1);
|
| - switch (option) {
|
| - case XSLT_SECPREF_READ_FILE:
|
| - sec->readFile = func; return(0);
|
| - case XSLT_SECPREF_WRITE_FILE:
|
| - sec->createFile = func; return(0);
|
| - case XSLT_SECPREF_CREATE_DIRECTORY:
|
| - sec->createDir = func; return(0);
|
| - case XSLT_SECPREF_READ_NETWORK:
|
| - sec->readNet = func; return(0);
|
| - case XSLT_SECPREF_WRITE_NETWORK:
|
| - sec->writeNet = func; return(0);
|
| - }
|
| - return(-1);
|
| -}
|
| -
|
| -/**
|
| - * xsltGetSecurityPrefs:
|
| - * @sec: the security block to update
|
| - * @option: the option to lookup
|
| - *
|
| - * Lookup the security option to get the callback checking function
|
| - *
|
| - * Returns NULL if not found, the function otherwise
|
| - */
|
| -xsltSecurityCheck
|
| -xsltGetSecurityPrefs(xsltSecurityPrefsPtr sec, xsltSecurityOption option) {
|
| - if (sec == NULL)
|
| - return(NULL);
|
| - switch (option) {
|
| - case XSLT_SECPREF_READ_FILE:
|
| - return(sec->readFile);
|
| - case XSLT_SECPREF_WRITE_FILE:
|
| - return(sec->createFile);
|
| - case XSLT_SECPREF_CREATE_DIRECTORY:
|
| - return(sec->createDir);
|
| - case XSLT_SECPREF_READ_NETWORK:
|
| - return(sec->readNet);
|
| - case XSLT_SECPREF_WRITE_NETWORK:
|
| - return(sec->writeNet);
|
| - }
|
| - return(NULL);
|
| -}
|
| -
|
| -/**
|
| - * xsltSetDefaultSecurityPrefs:
|
| - * @sec: the security block to use
|
| - *
|
| - * Set the default security preference application-wide
|
| - */
|
| -void
|
| -xsltSetDefaultSecurityPrefs(xsltSecurityPrefsPtr sec) {
|
| -
|
| - xsltDefaultSecurityPrefs = sec;
|
| -}
|
| -
|
| -/**
|
| - * xsltGetDefaultSecurityPrefs:
|
| - *
|
| - * Get the default security preference application-wide
|
| - *
|
| - * Returns the current xsltSecurityPrefsPtr in use or NULL if none
|
| - */
|
| -xsltSecurityPrefsPtr
|
| -xsltGetDefaultSecurityPrefs(void) {
|
| - return(xsltDefaultSecurityPrefs);
|
| -}
|
| -
|
| -/**
|
| - * xsltSetCtxtSecurityPrefs:
|
| - * @sec: the security block to use
|
| - * @ctxt: an XSLT transformation context
|
| - *
|
| - * Set the security preference for a specific transformation
|
| - *
|
| - * Returns -1 in case of error, 0 otherwise
|
| - */
|
| -int
|
| -xsltSetCtxtSecurityPrefs(xsltSecurityPrefsPtr sec,
|
| - xsltTransformContextPtr ctxt) {
|
| - if (ctxt == NULL)
|
| - return(-1);
|
| - ctxt->sec = (void *) sec;
|
| - return(0);
|
| -}
|
| -
|
| -
|
| -/**
|
| - * xsltSecurityAllow:
|
| - * @sec: the security block to use
|
| - * @ctxt: an XSLT transformation context
|
| - * @value: unused
|
| - *
|
| - * Function used to always allow an operation
|
| - *
|
| - * Returns 1 always
|
| - */
|
| -int
|
| -xsltSecurityAllow(xsltSecurityPrefsPtr sec ATTRIBUTE_UNUSED,
|
| - xsltTransformContextPtr ctxt ATTRIBUTE_UNUSED,
|
| - const char *value ATTRIBUTE_UNUSED) {
|
| - return(1);
|
| -}
|
| -
|
| -/**
|
| - * xsltSecurityForbid:
|
| - * @sec: the security block to use
|
| - * @ctxt: an XSLT transformation context
|
| - * @value: unused
|
| - *
|
| - * Function used to always forbid an operation
|
| - *
|
| - * Returns 0 always
|
| - */
|
| -int
|
| -xsltSecurityForbid(xsltSecurityPrefsPtr sec ATTRIBUTE_UNUSED,
|
| - xsltTransformContextPtr ctxt ATTRIBUTE_UNUSED,
|
| - const char *value ATTRIBUTE_UNUSED) {
|
| - return(0);
|
| -}
|
| -
|
| -/************************************************************************
|
| - * *
|
| - * Internal interfaces *
|
| - * *
|
| - ************************************************************************/
|
| -
|
| -/**
|
| - * xsltCheckFilename
|
| - * @path: the path to check
|
| - *
|
| - * function checks to see if @path is a valid source
|
| - * (file, socket...) for XML.
|
| - *
|
| - * TODO: remove at some point !!!
|
| - * Local copy of xmlCheckFilename to avoid a hard dependency on
|
| - * a new version of libxml2
|
| - *
|
| - * if stat is not available on the target machine,
|
| - * returns 1. if stat fails, returns 0 (if calling
|
| - * stat on the filename fails, it can't be right).
|
| - * if stat succeeds and the file is a directory,
|
| - * returns 2. otherwise returns 1.
|
| - */
|
| -
|
| -static int
|
| -xsltCheckFilename (const char *path)
|
| -{
|
| -#ifdef HAVE_STAT
|
| - struct stat stat_buffer;
|
| -#if defined(WIN32) && !defined(__CYGWIN__)
|
| - DWORD dwAttrs;
|
| -
|
| - dwAttrs = GetFileAttributesA(path);
|
| - if (dwAttrs != INVALID_FILE_ATTRIBUTES) {
|
| - if (dwAttrs & FILE_ATTRIBUTE_DIRECTORY) {
|
| - return 2;
|
| - }
|
| - }
|
| -#endif
|
| -
|
| - if (stat(path, &stat_buffer) == -1)
|
| - return 0;
|
| -
|
| -#ifdef S_ISDIR
|
| - if (S_ISDIR(stat_buffer.st_mode)) {
|
| - return 2;
|
| - }
|
| -#endif
|
| -#endif
|
| - return 1;
|
| -}
|
| -
|
| -static int
|
| -xsltCheckWritePath(xsltSecurityPrefsPtr sec,
|
| - xsltTransformContextPtr ctxt,
|
| - const char *path)
|
| -{
|
| - int ret;
|
| - xsltSecurityCheck check;
|
| - char *directory;
|
| -
|
| - check = xsltGetSecurityPrefs(sec, XSLT_SECPREF_WRITE_FILE);
|
| - if (check != NULL) {
|
| - ret = check(sec, ctxt, path);
|
| - if (ret == 0) {
|
| - xsltTransformError(ctxt, NULL, NULL,
|
| - "File write for %s refused\n", path);
|
| - return(0);
|
| - }
|
| - }
|
| -
|
| - directory = xmlParserGetDirectory (path);
|
| -
|
| - if (directory != NULL) {
|
| - ret = xsltCheckFilename(directory);
|
| - if (ret == 0) {
|
| - /*
|
| - * The directory doesn't exist check for creation
|
| - */
|
| - check = xsltGetSecurityPrefs(sec,
|
| - XSLT_SECPREF_CREATE_DIRECTORY);
|
| - if (check != NULL) {
|
| - ret = check(sec, ctxt, directory);
|
| - if (ret == 0) {
|
| - xsltTransformError(ctxt, NULL, NULL,
|
| - "Directory creation for %s refused\n",
|
| - path);
|
| - xmlFree(directory);
|
| - return(0);
|
| - }
|
| - }
|
| - ret = xsltCheckWritePath(sec, ctxt, directory);
|
| - if (ret == 1)
|
| - ret = mkdir(directory, 0755);
|
| - }
|
| - xmlFree(directory);
|
| - if (ret < 0)
|
| - return(ret);
|
| - }
|
| -
|
| - return(1);
|
| -}
|
| -
|
| -/**
|
| - * xsltCheckWrite:
|
| - * @sec: the security options
|
| - * @ctxt: an XSLT transformation context
|
| - * @URL: the resource to be written
|
| - *
|
| - * Check if the resource is allowed to be written, if necessary makes
|
| - * some preliminary work like creating directories
|
| - *
|
| - * Return 1 if write is allowed, 0 if not and -1 in case or error.
|
| - */
|
| -int
|
| -xsltCheckWrite(xsltSecurityPrefsPtr sec,
|
| - xsltTransformContextPtr ctxt, const xmlChar *URL) {
|
| - int ret;
|
| - xmlURIPtr uri;
|
| - xsltSecurityCheck check;
|
| -
|
| - uri = xmlParseURI((const char *)URL);
|
| - if (uri == NULL) {
|
| - uri = xmlCreateURI();
|
| - if (uri == NULL) {
|
| - xsltTransformError(ctxt, NULL, NULL,
|
| - "xsltCheckWrite: out of memory for %s\n", URL);
|
| - return(-1);
|
| - }
|
| - uri->path = (char *)xmlStrdup(URL);
|
| - }
|
| - if ((uri->scheme == NULL) ||
|
| - (xmlStrEqual(BAD_CAST uri->scheme, BAD_CAST "file"))) {
|
| -
|
| -#if defined(WIN32) && !defined(__CYGWIN__)
|
| - if ((uri->path)&&(uri->path[0]=='/')&&
|
| - (uri->path[1]!='\0')&&(uri->path[2]==':'))
|
| - ret = xsltCheckWritePath(sec, ctxt, uri->path+1);
|
| - else
|
| -#endif
|
| -
|
| - /*
|
| - * Check if we are allowed to write this file
|
| - */
|
| - ret = xsltCheckWritePath(sec, ctxt, uri->path);
|
| - if (ret <= 0) {
|
| - xmlFreeURI(uri);
|
| - return(ret);
|
| - }
|
| - } else {
|
| - /*
|
| - * Check if we are allowed to write this network resource
|
| - */
|
| - check = xsltGetSecurityPrefs(sec, XSLT_SECPREF_WRITE_NETWORK);
|
| - if (check != NULL) {
|
| - ret = check(sec, ctxt, (const char *)URL);
|
| - if (ret == 0) {
|
| - xsltTransformError(ctxt, NULL, NULL,
|
| - "File write for %s refused\n", URL);
|
| - xmlFreeURI(uri);
|
| - return(0);
|
| - }
|
| - }
|
| - }
|
| - xmlFreeURI(uri);
|
| - return(1);
|
| -}
|
| -
|
| -
|
| -/**
|
| - * xsltCheckRead:
|
| - * @sec: the security options
|
| - * @ctxt: an XSLT transformation context
|
| - * @URL: the resource to be read
|
| - *
|
| - * Check if the resource is allowed to be read
|
| - *
|
| - * Return 1 if read is allowed, 0 if not and -1 in case or error.
|
| - */
|
| -int
|
| -xsltCheckRead(xsltSecurityPrefsPtr sec,
|
| - xsltTransformContextPtr ctxt, const xmlChar *URL) {
|
| - int ret;
|
| - xmlURIPtr uri;
|
| - xsltSecurityCheck check;
|
| -
|
| - uri = xmlParseURI((const char *)URL);
|
| - if (uri == NULL) {
|
| - xsltTransformError(ctxt, NULL, NULL,
|
| - "xsltCheckRead: URL parsing failed for %s\n",
|
| - URL);
|
| - return(-1);
|
| - }
|
| - if ((uri->scheme == NULL) ||
|
| - (xmlStrEqual(BAD_CAST uri->scheme, BAD_CAST "file"))) {
|
| -
|
| - /*
|
| - * Check if we are allowed to read this file
|
| - */
|
| - check = xsltGetSecurityPrefs(sec, XSLT_SECPREF_READ_FILE);
|
| - if (check != NULL) {
|
| - ret = check(sec, ctxt, uri->path);
|
| - if (ret == 0) {
|
| - xsltTransformError(ctxt, NULL, NULL,
|
| - "Local file read for %s refused\n", URL);
|
| - xmlFreeURI(uri);
|
| - return(0);
|
| - }
|
| - }
|
| - } else {
|
| - /*
|
| - * Check if we are allowed to write this network resource
|
| - */
|
| - check = xsltGetSecurityPrefs(sec, XSLT_SECPREF_READ_NETWORK);
|
| - if (check != NULL) {
|
| - ret = check(sec, ctxt, (const char *)URL);
|
| - if (ret == 0) {
|
| - xsltTransformError(ctxt, NULL, NULL,
|
| - "Network file read for %s refused\n", URL);
|
| - xmlFreeURI(uri);
|
| - return(0);
|
| - }
|
| - }
|
| - }
|
| - xmlFreeURI(uri);
|
| - return(1);
|
| -}
|
| -
|
|
|
Chromium Code Reviews
Issue 2865973002:
Check in the libxslt roll script. (Closed)
