allow package structures to say that external paths are ok. defaults to false, though some packagestructures that do not have executable code capabilities (e.g. wallpaper image sets) may wish to take advantage of this

CCBUG:180716 svn path=/trunk/KDE/kdelibs/; revision=911736
2009-01-16 01:02:35 +00:00 · 2009-01-16 01:02:35 +00:00 · 023ae75d69
commit 023ae75d69
parent 4bc508411a
3 changed files with 39 additions and 4 deletions
--- a/package.cpp
+++ b/package.cpp
@ -139,6 +139,10 @@ QString Package::filePath(const char *fileType, const QString &filename) const
    }

    if (QFile::exists(path)) {
+        if (d->structure->allowExternalPaths()) {
+            return path;
+        }
+
        // ensure that we don't return files outside of our base path
        // due to symlink or ../ games
        QDir dir(path);
@ -171,6 +175,10 @@ QStringList Package::entryList(const char *fileType) const
    QDir dir(d->basePath + d->structure->contentsPrefix() + path);

    if (dir.exists()) {
+        if (d->structure->allowExternalPaths()) {
+            return dir.entryList(QDir::Files | QDir::Readable);
+        }
+
        // ensure that we don't return files outside of our base path
        // due to symlink or ../ games
        QString canonicalized = dir.canonicalPath();
--- a/packagestructure.cpp
+++ b/packagestructure.cpp
@ -58,17 +58,19 @@ class ContentStructure
        QString path;
        QString name;
        QStringList mimetypes;
-        bool directory;
-        bool required;
+        bool directory : 1;
+        bool required : 1;
 };

 class PackageStructurePrivate
 {
 public:
    PackageStructurePrivate()
-        : metadata(0)
+        : metadata(0),
+          externalPaths(false)
    {
    }
+
    ~PackageStructurePrivate()
    {
        delete metadata;
@ -76,6 +78,8 @@ public:

    void createPackageMetadata(const QString &path);

+    static QHash<QString, PackageStructure::Ptr> structures;
+
    QString type;
    QString path;
    QString contentsPrefix;
@ -83,8 +87,8 @@ public:
    QString servicePrefix;
    QMap<QByteArray, ContentStructure> contents;
    QStringList mimetypes;
-    static QHash<QString, PackageStructure::Ptr> structures;
    PackageMetadata *metadata;
+    bool externalPaths;
 };

 QHash<QString, PackageStructure::Ptr> PackageStructurePrivate::structures;
@ -491,6 +495,16 @@ PackageMetadata PackageStructure::metadata()
    return *d->metadata;
 }

+bool PackageStructure::allowExternalPaths() const
+{
+    return d->externalPaths;
+}
+
+void PackageStructure::setAllowExternalPaths(bool allow)
+{
+    d->externalPaths = allow;
+}
+
 } // Plasma namespace

 #include "packagestructure.moc"
--- a/packagestructure.h
+++ b/packagestructure.h
@ -278,6 +278,12 @@ public:
      */
    virtual PackageMetadata metadata();

+    /**
+     * @return true if paths/symlinks outside the package itself should be followed.
+     * By default this is set to false for security reasons.
+     */
+    bool allowExternalPaths() const;
+
 Q_SIGNALS:
    /**
     * Emitted when the new widget browser process completes.
@ -285,6 +291,13 @@ Q_SIGNALS:
    void newWidgetBrowserFinished();

 protected:
+    /**
+     * Sets whether or not external paths/symlinks can be followed by a package
+     * @arg allow true if paths/symlinks outside of the package should be followed,
+     *             false if they should be rejected.
+     */
+    void setAllowExternalPaths(bool allow);
+
    /**
     * Sets the prefix that all the contents in this package should
     * appear under. This defaults to "contents/" and is added automatically