Convert component names safely to filenames

Component names are controlled by the user, and
without these checks, access to arbitrary files is
possible if the multifilesystem backend is used.
Unrud 2015-12-24 13:32:30 +01:00
parent b4b3d51f33
commit bcaf452e51


@ -53,6 +53,11 @@ class Collection(filesystem.Collection):
name = ( name = (
component.name if sys.version_info[0] >= 3 else component.name if sys.version_info[0] >= 3 else
component.name.encode(filesystem.FILESYSTEM_ENCODING)) component.name.encode(filesystem.FILESYSTEM_ENCODING))
if not pathutils.is_safe_filesystem_path_component(name):
log.LOGGER.debug(
"Can't tranlate name safely to filesystem, "
"skipping component: %s", name)
continue
filesystem_path = os.path.join(self._filesystem_path, name) filesystem_path = os.path.join(self._filesystem_path, name)
with filesystem.open(filesystem_path, "w") as fd: with filesystem.open(filesystem_path, "w") as fd:
fd.write(text) fd.write(text)
@ -62,6 +67,11 @@ class Collection(filesystem.Collection):
os.remove(self._props_path) os.remove(self._props_path)
def remove(self, name): def remove(self, name):
if not pathutils.is_safe_filesystem_path_component(name):
log.LOGGER.debug(
"Can't tranlate name safely to filesystem, "
"skipping component: %s", name)
return
filesystem_path = os.path.join(self._filesystem_path, name) filesystem_path = os.path.join(self._filesystem_path, name)
if os.path.exists(filesystem_path): if os.path.exists(filesystem_path):
os.remove(filesystem_path) os.remove(filesystem_path)
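Review bot: Both new guards, the one in the write loop and the one at the top of `remove`, report a rejected name only at debug level and then `continue` or `return`. A request that carries a path-traversal name is therefore dropped silently and leaves no trace under a default log configuration. Assuming `log.LOGGER` is a standard `logging.Logger`, I would raise the level and log the name with `%r` so that control characters in a user-supplied name cannot forge log lines: `log.LOGGER.warning("Can't translate name safely to filesystem, skipping component: %r", name)`. That line also fixes the "tranlate" typo, and in `remove` the message would read better as "refusing to remove" than "skipping component". The write loop begins outside the hunk, so whether the caller can tell that a component was skipped cannot be confirmed from here.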