inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-24 17:32:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

Added checks for illegal characters in CIFS paths. Fix for WCM-130.

Browse Source 
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@4864 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Gary Spencer
2007-01-17 15:42:24 +00:00
parent de338f9d28
commit 05e098c7a6
3 changed files with 335 additions and 176 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
source/java/org/alfresco/filesys/smb/SMBStatus.java
View File

@@ -226,6 +226,7 @@ public final class SMBStatus
public static final int NTObjectNotFound = 0xC0000034; public static final int NTObjectNotFound = 0xC0000034;
public static final int NTObjectNameCollision = 0xC0000035; public static final int NTObjectNameCollision = 0xC0000035;
public static final int NTObjectPathNotFound = 0xC000003A; public static final int NTObjectPathNotFound = 0xC000003A;
public static final int NTObjectPathSyntaxBad = 0xC000003B;
public static final int NTSharingViolation = 0xC0000043; public static final int NTSharingViolation = 0xC0000043;
public static final int NTLockConflict = 0xC0000054; public static final int NTLockConflict = 0xC0000054;
public static final int NTLockNotGranted = 0xC0000055; public static final int NTLockNotGranted = 0xC0000055;

103
source/java/org/alfresco/filesys/smb/server/CoreProtocolHandler.java
View File

@@ -77,6 +77,11 @@ class CoreProtocolHandler extends ProtocolHandler
private static final int MaxWordValue = 0x0000FFFF; private static final int MaxWordValue = 0x0000FFFF;
// Invalid file name characters
private static final String InvalidFileNameChars = "\"/[]:+|<>=;,*?";
private static final String InvalidFileNameCharsSearch = "\"/[]:+|<>=;,";
// SMB packet class // SMB packet class
protected SMBSrvPacket m_smbPkt; protected SMBSrvPacket m_smbPkt;
@@ -118,6 +123,48 @@ class CoreProtocolHandler extends ProtocolHandler
} }
/**
* Check if a path contains any illegal characters, for file/create open/create/rename/get info
*
* @param path String
* @return boolean
*/
protected boolean isValidPath(String path)
{
// Scan the path for invalid path characters
for ( int i = 0; i < InvalidFileNameChars.length(); i++)
{
if ( path.indexOf( InvalidFileNameChars.charAt( i)) != -1)
return false;
}
// Path looks valid
return true;
}
/**
* Check if a path contains any illegal characters, for a folder search
*
* @param path String
* @return boolean
*/
protected boolean isValidSearchPath(String path)
{
// Scan the path for invalid path characters
for ( int i = 0; i < InvalidFileNameCharsSearch.length(); i++)
{
if ( path.indexOf( InvalidFileNameCharsSearch.charAt( i)) != -1)
return false;
}
// Path looks valid
return true;
}
/** /**
* Pack file information for a search into the specified buffer. * Pack file information for a search into the specified buffer.
* *
@@ -231,6 +278,14 @@ class CoreProtocolHandler extends ProtocolHandler
return; return;
} }
// Check if the file name is valid
if ( isValidPath( dirName) == false)
{
m_sess.sendErrorResponseSMB(SMBStatus.NTObjectNameInvalid, SMBStatus.DOSInvalidData, SMBStatus.ErrDos);
return;
}
// Debug // Debug
if (logger.isDebugEnabled() && m_sess.hasDebug(SMBSrvSession.DBG_FILE)) if (logger.isDebugEnabled() && m_sess.hasDebug(SMBSrvSession.DBG_FILE))
@@ -450,6 +505,14 @@ class CoreProtocolHandler extends ProtocolHandler
return; return;
} }
// Check if the file name is valid
if ( isValidPath( dirName) == false)
{
m_sess.sendErrorResponseSMB(SMBStatus.NTObjectNameInvalid, SMBStatus.DOSInvalidData, SMBStatus.ErrDos);
return;
}
// Debug // Debug
if (logger.isDebugEnabled() && m_sess.hasDebug(SMBSrvSession.DBG_FILE)) if (logger.isDebugEnabled() && m_sess.hasDebug(SMBSrvSession.DBG_FILE))
@@ -573,6 +636,14 @@ class CoreProtocolHandler extends ProtocolHandler
return; return;
} }
// Check if the file name is valid
if ( isValidPath( fileName) == false)
{
m_sess.sendErrorResponseSMB(SMBStatus.NTObjectNameInvalid, SMBStatus.DOSInvalidData, SMBStatus.ErrDos);
return;
}
// Get the required file attributes for the new file // Get the required file attributes for the new file
int attr = m_smbPkt.getParameter(0); int attr = m_smbPkt.getParameter(0);
@@ -719,6 +790,14 @@ class CoreProtocolHandler extends ProtocolHandler
return; return;
} }
// Check if the file name is valid
if ( isValidPath( dirName) == false)
{
m_sess.sendErrorResponseSMB(SMBStatus.NTObjectNameInvalid, SMBStatus.DOSInvalidData, SMBStatus.ErrDos);
return;
}
// Debug // Debug
if (logger.isDebugEnabled() && m_sess.hasDebug(SMBSrvSession.DBG_FILE)) if (logger.isDebugEnabled() && m_sess.hasDebug(SMBSrvSession.DBG_FILE))
@@ -836,6 +915,14 @@ class CoreProtocolHandler extends ProtocolHandler
return; return;
} }
// Check if the file name is valid
if ( isValidPath( fileName) == false)
{
m_sess.sendErrorResponseSMB(SMBStatus.NTObjectNameInvalid, SMBStatus.DOSInvalidData, SMBStatus.ErrDos);
return;
}
// Debug // Debug
if (logger.isDebugEnabled() && m_sess.hasDebug(SMBSrvSession.DBG_FILE)) if (logger.isDebugEnabled() && m_sess.hasDebug(SMBSrvSession.DBG_FILE))
@@ -1216,6 +1303,14 @@ class CoreProtocolHandler extends ProtocolHandler
return; return;
} }
// Check if the file name is valid
if ( isValidPath( fileName) == false)
{
m_sess.sendErrorResponseSMB(SMBStatus.NTObjectNameInvalid, SMBStatus.DOSInvalidData, SMBStatus.ErrDos);
return;
}
// Debug // Debug
if (logger.isDebugEnabled() && m_sess.hasDebug(SMBSrvSession.DBG_FILE)) if (logger.isDebugEnabled() && m_sess.hasDebug(SMBSrvSession.DBG_FILE))
@@ -2081,6 +2176,14 @@ class CoreProtocolHandler extends ProtocolHandler
return; return;
} }
// Check if the search path is valid
if ( isValidSearchPath( srchPath) == false)
{
m_sess.sendErrorResponseSMB(SMBStatus.NTObjectNameInvalid, SMBStatus.DOSInvalidData, SMBStatus.ErrDos);
return;
}
// Update the received data position // Update the received data position
dataPos += srchPath.length() + 2; dataPos += srchPath.length() + 2;

55
source/java/org/alfresco/filesys/smb/server/NTProtocolHandler.java
View File

@@ -2275,6 +2275,14 @@ public class NTProtocolHandler extends CoreProtocolHandler
if (logger.isDebugEnabled() && m_sess.hasDebug(SMBSrvSession.DBG_FILE)) if (logger.isDebugEnabled() && m_sess.hasDebug(SMBSrvSession.DBG_FILE))
logger.debug("File Open AndX [" + m_smbPkt.getTreeId() + "] params=" + params); logger.debug("File Open AndX [" + m_smbPkt.getTreeId() + "] params=" + params);
// Check if the file name is valid
if ( isValidPath( params.getPath()) == false)
{
m_sess.sendErrorResponseSMB(SMBStatus.NTObjectNameInvalid, SMBStatus.DOSInvalidData, SMBStatus.ErrDos);
return;
}
// Access the disk interface and open the requested file // Access the disk interface and open the requested file
int fid; int fid;
@@ -2709,6 +2717,20 @@ public class NTProtocolHandler extends CoreProtocolHandler
if (logger.isDebugEnabled() && m_sess.hasDebug(SMBSrvSession.DBG_FILE)) if (logger.isDebugEnabled() && m_sess.hasDebug(SMBSrvSession.DBG_FILE))
logger.debug("File Rename [" + m_smbPkt.getTreeId() + "] old name=" + oldName + ", new name=" + newName); logger.debug("File Rename [" + m_smbPkt.getTreeId() + "] old name=" + oldName + ", new name=" + newName);
// Check if the from/to paths are
if ( isValidPath( oldName) == false)
{
m_sess.sendErrorResponseSMB(SMBStatus.NTObjectNameInvalid, SMBStatus.DOSInvalidData, SMBStatus.ErrDos);
return;
}
if ( isValidPath( newName) == false)
{
m_sess.sendErrorResponseSMB(SMBStatus.NTObjectNameInvalid, SMBStatus.DOSInvalidData, SMBStatus.ErrDos);
return;
}
// Access the disk interface and rename the requested file // Access the disk interface and rename the requested file
try try
@@ -3117,6 +3139,14 @@ public class NTProtocolHandler extends CoreProtocolHandler
return; return;
} }
// Check if the search path is valid
if ( isValidSearchPath( srchPath) == false)
{
m_sess.sendErrorResponseSMB(SMBStatus.NTObjectNameInvalid, SMBStatus.DOSInvalidData, SMBStatus.ErrDos);
return;
}
// Access the shared device disk interface // Access the shared device disk interface
SearchContext ctx = null; SearchContext ctx = null;
@@ -3967,6 +3997,14 @@ public class NTProtocolHandler extends CoreProtocolHandler
if (logger.isDebugEnabled() && m_sess.hasDebug(SMBSrvSession.DBG_INFO)) if (logger.isDebugEnabled() && m_sess.hasDebug(SMBSrvSession.DBG_INFO))
logger.debug("Query Path - level = 0x" + Integer.toHexString(infoLevl) + ", path = " + path); logger.debug("Query Path - level = 0x" + Integer.toHexString(infoLevl) + ", path = " + path);
// Check if the file name is valid
if ( isValidPath( path) == false)
{
m_sess.sendErrorResponseSMB(SMBStatus.NTObjectNameInvalid, SMBStatus.DOSInvalidData, SMBStatus.ErrDos);
return;
}
// Access the shared device disk interface // Access the shared device disk interface
try try
@@ -4813,6 +4851,14 @@ public class NTProtocolHandler extends CoreProtocolHandler
if (logger.isDebugEnabled() && m_sess.hasDebug(SMBSrvSession.DBG_INFO)) if (logger.isDebugEnabled() && m_sess.hasDebug(SMBSrvSession.DBG_INFO))
logger.debug("Set Path - path=" + path + ", level=0x" + Integer.toHexString(infoLevl)); logger.debug("Set Path - path=" + path + ", level=0x" + Integer.toHexString(infoLevl));
// Check if the file name is valid
if ( isValidPath( path) == false)
{
m_sess.sendErrorResponseSMB(SMBStatus.NTObjectNameInvalid, SMBStatus.DOSInvalidData, SMBStatus.ErrDos);
return;
}
// Access the shared device disk interface // Access the shared device disk interface
try try
@@ -5358,11 +5404,20 @@ public class NTProtocolHandler extends CoreProtocolHandler
FileOpenParams params = new FileOpenParams(fileName, createDisp, accessMask, attrib, shrAccess, allocSize, FileOpenParams params = new FileOpenParams(fileName, createDisp, accessMask, attrib, shrAccess, allocSize,
createOptn, rootFID, impersonLev, secFlags); createOptn, rootFID, impersonLev, secFlags);
// Debug // Debug
if (logger.isDebugEnabled() && m_sess.hasDebug(SMBSrvSession.DBG_FILE)) if (logger.isDebugEnabled() && m_sess.hasDebug(SMBSrvSession.DBG_FILE))
logger.debug("NT Create AndX [" + m_smbPkt.getTreeId() + "] params=" + params); logger.debug("NT Create AndX [" + m_smbPkt.getTreeId() + "] params=" + params);
// Check if the file name is valid
if ( isValidPath( params.getPath()) == false)
{
m_sess.sendErrorResponseSMB(SMBStatus.NTObjectNameInvalid, SMBStatus.DOSInvalidData, SMBStatus.ErrDos);
return;
}
// Access the disk interface and open the requested file // Access the disk interface and open the requested file
int fid; int fid;