allow package structures to say that external paths are ok. defaults to false, though some packagestructures that do not have executable code capabilities (e.g. wallpaper image sets) may wish to take advantage of this

CCBUG:180716

svn path=/trunk/KDE/kdelibs/; revision=911736

package.cpp

@@ -139,6 +139,10 @@ QString Package::filePath(const char *fileType, const QString &filename) const
     }
 
     if (QFile::exists(path)) {
+        if (d->structure->allowExternalPaths()) {
+            return path;
+        }
+
         // ensure that we don't return files outside of our base path
         // due to symlink or ../ games
         QDir dir(path);
@@ -171,6 +175,10 @@ QStringList Package::entryList(const char *fileType) const
     QDir dir(d->basePath + d->structure->contentsPrefix() + path);
 
     if (dir.exists()) {
+        if (d->structure->allowExternalPaths()) {
+            return dir.entryList(QDir::Files | QDir::Readable);
+        }
+
         // ensure that we don't return files outside of our base path
         // due to symlink or ../ games
         QString canonicalized = dir.canonicalPath();

packagestructure.cpp

@@ -58,17 +58,19 @@ class ContentStructure
         QString path;
         QString name;
         QStringList mimetypes;
-        bool directory;
+        bool directory : 1;
-        bool required;
+        bool required : 1;
 };
 
 class PackageStructurePrivate
 {
 public:
     PackageStructurePrivate()
-        : metadata(0)
+        : metadata(0),
+          externalPaths(false)
     {
     }
+
     ~PackageStructurePrivate()
     {
         delete metadata;
@@ -76,6 +78,8 @@ public:
 
     void createPackageMetadata(const QString &path);
 
+    static QHash<QString, PackageStructure::Ptr> structures;
+
     QString type;
     QString path;
     QString contentsPrefix;
@@ -83,8 +87,8 @@ public:
     QString servicePrefix;
     QMap<QByteArray, ContentStructure> contents;
     QStringList mimetypes;
-    static QHash<QString, PackageStructure::Ptr> structures;
     PackageMetadata *metadata;
+    bool externalPaths;
  };
 
 QHash<QString, PackageStructure::Ptr> PackageStructurePrivate::structures;
@@ -491,6 +495,16 @@ PackageMetadata PackageStructure::metadata()
     return *d->metadata;
 }
 
+bool PackageStructure::allowExternalPaths() const
+{
+    return d->externalPaths;
+}
+
+void PackageStructure::setAllowExternalPaths(bool allow)
+{
+    d->externalPaths = allow;
+}
+
 } // Plasma namespace
 
 #include "packagestructure.moc"

packagestructure.h

@@ -278,6 +278,12 @@ public:
       */
     virtual PackageMetadata metadata();
 
+    /**
+     * @return true if paths/symlinks outside the package itself should be followed.
+     * By default this is set to false for security reasons.
+     */
+    bool allowExternalPaths() const;
+
 Q_SIGNALS:
     /**
      * Emitted when the new widget browser process completes.
@@ -285,6 +291,13 @@ Q_SIGNALS:
     void newWidgetBrowserFinished();
 
 protected:
+    /**
+     * Sets whether or not external paths/symlinks can be followed by a package
+     * @arg allow true if paths/symlinks outside of the package should be followed,
+     *             false if they should be rejected.
+     */
+    void setAllowExternalPaths(bool allow);
+
     /**
      * Sets the prefix that all the contents in this package should
      * appear under. This defaults to "contents/" and is added automatically