From 023ae75d694869f271bb3847ff48ce8e534a8961 Mon Sep 17 00:00:00 2001 From: "Aaron J. Seigo" Date: Fri, 16 Jan 2009 01:02:35 +0000 Subject: [PATCH] allow package structures to say that external paths are ok. defaults to false, though some packagestructures that do not have executable code capabilities (e.g. wallpaper image sets) may wish to take advantage of this CCBUG:180716 svn path=/trunk/KDE/kdelibs/; revision=911736 --- package.cpp | 8 ++++++++ packagestructure.cpp | 22 ++++++++++++++++++---- packagestructure.h | 13 +++++++++++++ 3 files changed, 39 insertions(+), 4 deletions(-) diff --git a/package.cpp b/package.cpp index 5322a76d9..39b507383 100644 --- a/package.cpp +++ b/package.cpp @@ -139,6 +139,10 @@ QString Package::filePath(const char *fileType, const QString &filename) const } if (QFile::exists(path)) { + if (d->structure->allowExternalPaths()) { + return path; + } + // ensure that we don't return files outside of our base path // due to symlink or ../ games QDir dir(path); @@ -171,6 +175,10 @@ QStringList Package::entryList(const char *fileType) const QDir dir(d->basePath + d->structure->contentsPrefix() + path); if (dir.exists()) { + if (d->structure->allowExternalPaths()) { + return dir.entryList(QDir::Files | QDir::Readable); + } + // ensure that we don't return files outside of our base path // due to symlink or ../ games QString canonicalized = dir.canonicalPath(); diff --git a/packagestructure.cpp b/packagestructure.cpp index b1a82a47e..9e9882bf4 100644 --- a/packagestructure.cpp +++ b/packagestructure.cpp @@ -58,17 +58,19 @@ class ContentStructure QString path; QString name; QStringList mimetypes; - bool directory; - bool required; + bool directory : 1; + bool required : 1; }; class PackageStructurePrivate { public: PackageStructurePrivate() - : metadata(0) + : metadata(0), + externalPaths(false) { } + ~PackageStructurePrivate() { delete metadata; @@ -76,6 +78,8 @@ public: void createPackageMetadata(const QString &path); + static QHash structures; + QString type; QString path; QString contentsPrefix; @@ -83,8 +87,8 @@ public: QString servicePrefix; QMap contents; QStringList mimetypes; - static QHash structures; PackageMetadata *metadata; + bool externalPaths; }; QHash PackageStructurePrivate::structures; @@ -491,6 +495,16 @@ PackageMetadata PackageStructure::metadata() return *d->metadata; } +bool PackageStructure::allowExternalPaths() const +{ + return d->externalPaths; +} + +void PackageStructure::setAllowExternalPaths(bool allow) +{ + d->externalPaths = allow; +} + } // Plasma namespace #include "packagestructure.moc" diff --git a/packagestructure.h b/packagestructure.h index 6772feaa1..929b1a21c 100644 --- a/packagestructure.h +++ b/packagestructure.h @@ -278,6 +278,12 @@ public: */ virtual PackageMetadata metadata(); + /** + * @return true if paths/symlinks outside the package itself should be followed. + * By default this is set to false for security reasons. + */ + bool allowExternalPaths() const; + Q_SIGNALS: /** * Emitted when the new widget browser process completes. @@ -285,6 +291,13 @@ Q_SIGNALS: void newWidgetBrowserFinished(); protected: + /** + * Sets whether or not external paths/symlinks can be followed by a package + * @arg allow true if paths/symlinks outside of the package should be followed, + * false if they should be rejected. + */ + void setAllowExternalPaths(bool allow); + /** * Sets the prefix that all the contents in this package should * appear under. This defaults to "contents/" and is added automatically