summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJeff Sharkey <jsharkey@google.com>2016-01-15 19:08:42 +0000
committerandroid-build-merger <android-build-merger@google.com>2016-01-15 19:08:42 +0000
commit9f47480ba25b08c4e16506e9de21f11e79d4d06d (patch)
treed497ed8e26a4da80e74f565874b2c3a59c9a8c15
parent721a13547271c7af1629268d5e3b5e6361555270 (diff)
parentcd15221e332ec8beca4870099de41dde6f5a3213 (diff)
downloadandroid_packages_providers_DownloadProvider-9f47480ba25b08c4e16506e9de21f11e79d4d06d.tar.gz
android_packages_providers_DownloadProvider-9f47480ba25b08c4e16506e9de21f11e79d4d06d.tar.bz2
android_packages_providers_DownloadProvider-9f47480ba25b08c4e16506e9de21f11e79d4d06d.zip
Revert "Use resolved path for both checking and opening." am: 6947a091f1
am: cd15221e33 * commit 'cd15221e332ec8beca4870099de41dde6f5a3213': Revert "Use resolved path for both checking and opening."
-rw-r--r--src/com/android/providers/downloads/DownloadProvider.java12
-rw-r--r--src/com/android/providers/downloads/Helpers.java62
2 files changed, 12 insertions, 62 deletions
diff --git a/src/com/android/providers/downloads/DownloadProvider.java b/src/com/android/providers/downloads/DownloadProvider.java
index 1595dfa9..ad3cf7ac 100644
--- a/src/com/android/providers/downloads/DownloadProvider.java
+++ b/src/com/android/providers/downloads/DownloadProvider.java
@@ -1205,16 +1205,8 @@ public final class DownloadProvider extends ContentProvider {
if (path == null) {
throw new FileNotFoundException("No filename found.");
}
-
- final File file;
- try {
- file = new File(path).getCanonicalFile();
- } catch (IOException e) {
- throw new FileNotFoundException(e.getMessage());
- }
-
- if (!Helpers.isFilenameValid(getContext(), file)) {
- throw new FileNotFoundException("Invalid file path: " + file);
+ if (!Helpers.isFilenameValid(path, mDownloadsDataDir)) {
+ throw new FileNotFoundException("Invalid filename: " + path);
}
final File file = new File(path);
diff --git a/src/com/android/providers/downloads/Helpers.java b/src/com/android/providers/downloads/Helpers.java
index 5f2c67f7..3562dac7 100644
--- a/src/com/android/providers/downloads/Helpers.java
+++ b/src/com/android/providers/downloads/Helpers.java
@@ -349,25 +349,24 @@ public class Helpers {
}
/**
- * Checks whether the filename looks legitimate for security purposes. This
- * prevents us from opening files that aren't actually downloads.
+ * Checks whether the filename looks legitimate
*/
- static boolean isFilenameValid(Context context, File file) {
- final File[] whitelist;
+ static boolean isFilenameValid(String filename, File downloadsDataDir) {
+ final String[] whitelist;
try {
- whitelist = new File[] {
- context.getFilesDir().getCanonicalFile(),
- context.getCacheDir().getCanonicalFile(),
- Environment.getDownloadCacheDirectory().getCanonicalFile(),
- Environment.getExternalStorageDirectory().getCanonicalFile(),
+ filename = new File(filename).getCanonicalPath();
+ whitelist = new String[] {
+ downloadsDataDir.getCanonicalPath(),
+ Environment.getDownloadCacheDirectory().getCanonicalPath(),
+ Environment.getExternalStorageDirectory().getCanonicalPath(),
};
} catch (IOException e) {
Log.w(TAG, "Failed to resolve canonical path: " + e);
return false;
}
- for (File testDir : whitelist) {
- if (contains(testDir, file)) {
+ for (String test : whitelist) {
+ if (filename.startsWith(test)) {
return true;
}
}
@@ -376,47 +375,6 @@ public class Helpers {
}
/**
- * Test if a file lives under the given directory, either as a direct child
- * or a distant grandchild.
- * <p>
- * Both files <em>must</em> have been resolved using
- * {@link File#getCanonicalFile()} to avoid symlink or path traversal
- * attacks.
- */
- public static boolean contains(File[] dirs, File file) {
- for (File dir : dirs) {
- if (contains(dir, file)) {
- return true;
- }
- }
- return false;
- }
-
- /**
- * Test if a file lives under the given directory, either as a direct child
- * or a distant grandchild.
- * <p>
- * Both files <em>must</em> have been resolved using
- * {@link File#getCanonicalFile()} to avoid symlink or path traversal
- * attacks.
- */
- public static boolean contains(File dir, File file) {
- if (dir == null || file == null) return false;
-
- String dirPath = dir.getAbsolutePath();
- String filePath = file.getAbsolutePath();
-
- if (dirPath.equals(filePath)) {
- return true;
- }
-
- if (!dirPath.endsWith("/")) {
- dirPath += "/";
- }
- return filePath.startsWith(dirPath);
- }
-
- /**
* Checks whether this looks like a legitimate selection parameter
*/
public static void validateSelection(String selection, Set<String> allowedColumns) {