diff options
Diffstat (limited to 'src/com')
-rw-r--r-- | src/com/android/messaging/datamodel/MediaScratchFileProvider.java | 18 | ||||
-rw-r--r-- | src/com/android/messaging/datamodel/MmsFileProvider.java | 19 |
2 files changed, 35 insertions, 2 deletions
diff --git a/src/com/android/messaging/datamodel/MediaScratchFileProvider.java b/src/com/android/messaging/datamodel/MediaScratchFileProvider.java index 29ae4f4..a19523f 100644 --- a/src/com/android/messaging/datamodel/MediaScratchFileProvider.java +++ b/src/com/android/messaging/datamodel/MediaScratchFileProvider.java @@ -32,6 +32,7 @@ import com.android.messaging.util.LogUtil; import com.google.common.annotations.VisibleForTesting; import java.io.File; +import java.io.IOException; import java.util.List; /** @@ -89,8 +90,23 @@ public class MediaScratchFileProvider extends FileProvider { private static File getFileWithExtension(final String path, final String extension) { final Context context = Factory.get().getApplicationContext(); - return new File(getDirectory(context), + final File filePath = new File(getDirectory(context), TextUtils.isEmpty(extension) ? path : path + "." + extension); + + try { + if (!filePath.getCanonicalPath() + .startsWith(getDirectory(context).getCanonicalPath())) { + LogUtil.e(TAG, "getFileWithExtension: path " + + filePath.getCanonicalPath() + + " does not start with " + + getDirectory(context).getCanonicalPath()); + return null; + } + } catch (IOException e) { + LogUtil.e(TAG, "getFileWithExtension: getCanonicalPath failed ", e); + return null; + } + return filePath; } private static File getDirectory(final Context context) { diff --git a/src/com/android/messaging/datamodel/MmsFileProvider.java b/src/com/android/messaging/datamodel/MmsFileProvider.java index 0022630..eb49802 100644 --- a/src/com/android/messaging/datamodel/MmsFileProvider.java +++ b/src/com/android/messaging/datamodel/MmsFileProvider.java @@ -18,12 +18,14 @@ package com.android.messaging.datamodel; import android.content.Context; import android.net.Uri; +import android.text.TextUtils; import com.android.messaging.Factory; import com.android.messaging.util.LogUtil; import com.google.common.annotations.VisibleForTesting; import java.io.File; +import java.io.IOException; /** * A very simple content provider that can serve mms files from our cache directory. @@ -60,7 +62,22 @@ public class MmsFileProvider extends FileProvider { private static File getFile(final String path) { final Context context = Factory.get().getApplicationContext(); - return new File(getDirectory(context), path + ".dat"); + final File filePath = new File(getDirectory(context), path + ".dat"); + + try { + if (!filePath.getCanonicalPath() + .startsWith(getDirectory(context).getCanonicalPath())) { + LogUtil.e(TAG, "getFile: path " + + filePath.getCanonicalPath() + + " does not start with " + + getDirectory(context).getCanonicalPath()); + return null; + } + } catch (IOException e) { + LogUtil.e(TAG, "getFile: getCanonicalPath failed ", e); + return null; + } + return filePath; } private static File getDirectory(final Context context) { |