OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "webkit/browser/database/database_util.h" | 5 #include "storage/browser/database/database_util.h" |
6 | 6 |
7 #include "base/basictypes.h" | 7 #include "base/basictypes.h" |
8 #include "base/strings/utf_string_conversions.h" | 8 #include "base/strings/utf_string_conversions.h" |
9 #include "webkit/browser/database/database_tracker.h" | 9 #include "storage/browser/database/database_tracker.h" |
10 #include "webkit/browser/database/vfs_backend.h" | 10 #include "storage/browser/database/vfs_backend.h" |
11 #include "webkit/common/database/database_identifier.h" | 11 #include "storage/common/database/database_identifier.h" |
12 | 12 |
13 namespace webkit_database { | 13 namespace webkit_database { |
14 | 14 |
15 namespace { | 15 namespace { |
16 | 16 |
17 bool IsSafeSuffix(const base::string16& suffix) { | 17 bool IsSafeSuffix(const base::string16& suffix) { |
18 base::char16 prev_c = 0; | 18 base::char16 prev_c = 0; |
19 for (base::string16::const_iterator it = suffix.begin(); | 19 for (base::string16::const_iterator it = suffix.begin(); it < suffix.end(); |
20 it < suffix.end(); ++it) { | 20 ++it) { |
21 base::char16 c = *it; | 21 base::char16 c = *it; |
22 if (!(IsAsciiAlpha(c) || IsAsciiDigit(c) || | 22 if (!(IsAsciiAlpha(c) || IsAsciiDigit(c) || c == '-' || c == '.' || |
23 c == '-' || c == '.' || c == '_')) { | 23 c == '_')) { |
24 return false; | 24 return false; |
25 } | 25 } |
26 if (c == '.' && prev_c == '.') | 26 if (c == '.' && prev_c == '.') |
27 return false; | 27 return false; |
28 prev_c = c; | 28 prev_c = c; |
29 } | 29 } |
30 return true; | 30 return true; |
31 } | 31 } |
32 | |
33 } | 32 } |
34 | 33 |
35 const char DatabaseUtil::kJournalFileSuffix[] = "-journal"; | 34 const char DatabaseUtil::kJournalFileSuffix[] = "-journal"; |
36 | 35 |
37 bool DatabaseUtil::CrackVfsFileName(const base::string16& vfs_file_name, | 36 bool DatabaseUtil::CrackVfsFileName(const base::string16& vfs_file_name, |
38 std::string* origin_identifier, | 37 std::string* origin_identifier, |
39 base::string16* database_name, | 38 base::string16* database_name, |
40 base::string16* sqlite_suffix) { | 39 base::string16* sqlite_suffix) { |
41 // 'vfs_file_name' is of the form <origin_identifier>/<db_name>#<suffix>. | 40 // 'vfs_file_name' is of the form <origin_identifier>/<db_name>#<suffix>. |
42 // <suffix> is optional. | 41 // <suffix> is optional. |
43 DCHECK(!vfs_file_name.empty()); | 42 DCHECK(!vfs_file_name.empty()); |
44 size_t first_slash_index = vfs_file_name.find('/'); | 43 size_t first_slash_index = vfs_file_name.find('/'); |
45 size_t last_pound_index = vfs_file_name.rfind('#'); | 44 size_t last_pound_index = vfs_file_name.rfind('#'); |
46 // '/' and '#' must be present in the string. Also, the string cannot start | 45 // '/' and '#' must be present in the string. Also, the string cannot start |
47 // with a '/' (origin_identifier cannot be empty) and '/' must come before '#' | 46 // with a '/' (origin_identifier cannot be empty) and '/' must come before '#' |
48 if ((first_slash_index == base::string16::npos) || | 47 if ((first_slash_index == base::string16::npos) || |
49 (last_pound_index == base::string16::npos) || | 48 (last_pound_index == base::string16::npos) || (first_slash_index == 0) || |
50 (first_slash_index == 0) || | |
51 (first_slash_index > last_pound_index)) { | 49 (first_slash_index > last_pound_index)) { |
52 return false; | 50 return false; |
53 } | 51 } |
54 | 52 |
55 std::string origin_id = base::UTF16ToASCII( | 53 std::string origin_id = |
56 vfs_file_name.substr(0, first_slash_index)); | 54 base::UTF16ToASCII(vfs_file_name.substr(0, first_slash_index)); |
57 if (!IsValidOriginIdentifier(origin_id)) | 55 if (!IsValidOriginIdentifier(origin_id)) |
58 return false; | 56 return false; |
59 | 57 |
60 base::string16 suffix = vfs_file_name.substr( | 58 base::string16 suffix = vfs_file_name.substr( |
61 last_pound_index + 1, vfs_file_name.length() - last_pound_index - 1); | 59 last_pound_index + 1, vfs_file_name.length() - last_pound_index - 1); |
62 if (!IsSafeSuffix(suffix)) | 60 if (!IsSafeSuffix(suffix)) |
63 return false; | 61 return false; |
64 | 62 |
65 if (origin_identifier) | 63 if (origin_identifier) |
66 *origin_identifier = origin_id; | 64 *origin_identifier = origin_id; |
67 | 65 |
68 if (database_name) { | 66 if (database_name) { |
69 *database_name = vfs_file_name.substr( | 67 *database_name = vfs_file_name.substr( |
70 first_slash_index + 1, last_pound_index - first_slash_index - 1); | 68 first_slash_index + 1, last_pound_index - first_slash_index - 1); |
71 } | 69 } |
72 | 70 |
73 if (sqlite_suffix) | 71 if (sqlite_suffix) |
74 *sqlite_suffix = suffix; | 72 *sqlite_suffix = suffix; |
75 | 73 |
76 return true; | 74 return true; |
77 } | 75 } |
78 | 76 |
79 base::FilePath DatabaseUtil::GetFullFilePathForVfsFile( | 77 base::FilePath DatabaseUtil::GetFullFilePathForVfsFile( |
80 DatabaseTracker* db_tracker, const base::string16& vfs_file_name) { | 78 DatabaseTracker* db_tracker, |
| 79 const base::string16& vfs_file_name) { |
81 std::string origin_identifier; | 80 std::string origin_identifier; |
82 base::string16 database_name; | 81 base::string16 database_name; |
83 base::string16 sqlite_suffix; | 82 base::string16 sqlite_suffix; |
84 if (!CrackVfsFileName(vfs_file_name, &origin_identifier, | 83 if (!CrackVfsFileName( |
85 &database_name, &sqlite_suffix)) { | 84 vfs_file_name, &origin_identifier, &database_name, &sqlite_suffix)) { |
86 return base::FilePath(); // invalid vfs_file_name | 85 return base::FilePath(); // invalid vfs_file_name |
87 } | 86 } |
88 | 87 |
89 base::FilePath full_path = db_tracker->GetFullDBFilePath( | 88 base::FilePath full_path = |
90 origin_identifier, database_name); | 89 db_tracker->GetFullDBFilePath(origin_identifier, database_name); |
91 if (!full_path.empty() && !sqlite_suffix.empty()) { | 90 if (!full_path.empty() && !sqlite_suffix.empty()) { |
92 DCHECK(full_path.Extension().empty()); | 91 DCHECK(full_path.Extension().empty()); |
93 full_path = full_path.InsertBeforeExtensionASCII( | 92 full_path = |
94 base::UTF16ToASCII(sqlite_suffix)); | 93 full_path.InsertBeforeExtensionASCII(base::UTF16ToASCII(sqlite_suffix)); |
95 } | 94 } |
96 // Watch out for directory traversal attempts from a compromised renderer. | 95 // Watch out for directory traversal attempts from a compromised renderer. |
97 if (full_path.value().find(FILE_PATH_LITERAL("..")) != | 96 if (full_path.value().find(FILE_PATH_LITERAL("..")) != |
98 base::FilePath::StringType::npos) | 97 base::FilePath::StringType::npos) |
99 return base::FilePath(); | 98 return base::FilePath(); |
100 return full_path; | 99 return full_path; |
101 } | 100 } |
102 | 101 |
103 bool DatabaseUtil::IsValidOriginIdentifier( | 102 bool DatabaseUtil::IsValidOriginIdentifier( |
104 const std::string& origin_identifier) { | 103 const std::string& origin_identifier) { |
105 return GetOriginFromIdentifier(origin_identifier).is_valid(); | 104 return GetOriginFromIdentifier(origin_identifier).is_valid(); |
106 } | 105 } |
107 | 106 |
108 } // namespace webkit_database | 107 } // namespace webkit_database |
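Review bot: In `CrackVfsFileName` (new lines 53-56) the origin part of the name is passed through `base::UTF16ToASCII` before anything has checked that it is ASCII, and the comment at new line 95 indicates the name may come from a compromised renderer. The suffix does not have this problem, because `IsSafeSuffix` limits it to ASCII letters, digits, '-', '.' and '_' before it is converted. `UTF16ToASCII` is not shown on this page; if it only DCHECKs its input, a release build would narrow non-ASCII code units, and `IsValidOriginIdentifier` would then validate a different string from the one received. Rejecting such input ahead of the conversion keeps the two identical: `if (!base::IsStringASCII(vfs_file_name.substr(0, first_slash_index))) return false;`. This predates the commit, which only renames include paths and re-wraps lines, so it may fit better as a follow-up.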
OLD | NEW |