mirror of
https://codeberg.org/icewind/SMB.git
synced 2026-06-03 17:24:07 +02:00
Check for invalid characters in paths
This commit is contained in:
Robin Appelman
parent
b822af84c5
commit
4ca3c3df22
5 changed files with 151 additions and 7 deletions
26
src/AbstractShare.php
Normal file
26
src/AbstractShare.php
Normal file
|
|
@ -0,0 +1,26 @@
|
|||
<?php
|
||||
/**
|
||||
* Copyright (c) 2015 Robin Appelman <icewind@owncloud.com>
|
||||
* This file is licensed under the Licensed under the MIT license:
|
||||
* http://opensource.org/licenses/MIT
|
||||
*/
|
||||
|
||||
namespace Icewind\SMB;
|
||||
|
||||
use Icewind\SMB\Exception\InvalidPathException;
|
||||
|
||||
abstract class AbstractShare implements IShare {
|
||||
private $forbiddenCharacters;
|
||||
|
||||
public function __construct() {
|
||||
$this->forbiddenCharacters = array('?', '<', '>', ':', '*', '|', '"', chr(0), "\n");
|
||||
}
|
||||
|
||||
protected function verifyPath($path) {
|
||||
foreach ($this->forbiddenCharacters as $char) {
|
||||
if (strpos($path, $char) !== false) {
|
||||
throw new InvalidPathException('Invalid path, "' . $char . '" is not allowed');
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
10
src/Exception/InvalidPathException.php
Normal file
10
src/Exception/InvalidPathException.php
Normal file
|
|
@ -0,0 +1,10 @@
|
|||
<?php
|
||||
/**
|
||||
* Copyright (c) 2014 Robin Appelman <icewind@owncloud.com>
|
||||
* This file is licensed under the Licensed under the MIT license:
|
||||
* http://opensource.org/licenses/MIT
|
||||
*/
|
||||
|
||||
namespace Icewind\SMB\Exception;
|
||||
|
||||
class InvalidPathException extends InvalidRequestException {}
|
||||
|
|
@ -7,7 +7,7 @@
|
|||
|
||||
namespace Icewind\SMB;
|
||||
|
||||
class NativeShare implements IShare {
|
||||
class NativeShare extends AbstractShare {
|
||||
/**
|
||||
* @var Server $server
|
||||
*/
|
||||
|
|
@ -28,6 +28,7 @@ class NativeShare implements IShare {
|
|||
* @param string $name
|
||||
*/
|
||||
public function __construct($server, $name) {
|
||||
parent::__construct();
|
||||
$this->server = $server;
|
||||
$this->name = $name;
|
||||
$this->state = new NativeState();
|
||||
|
|
@ -56,6 +57,7 @@ class NativeShare implements IShare {
|
|||
}
|
||||
|
||||
private function buildUrl($path) {
|
||||
$this->verifyPath($path);
|
||||
$url = sprintf('smb://%s/%s', $this->server->getHost(), $this->name);
|
||||
if ($path) {
|
||||
$path = trim($path, '/');
|
||||
|
|
|
|||
|
|
@ -7,17 +7,13 @@
|
|||
|
||||
namespace Icewind\SMB;
|
||||
|
||||
use Icewind\SMB\Exception\AccessDeniedException;
|
||||
use Icewind\SMB\Exception\AlreadyExistsException;
|
||||
use Icewind\SMB\Exception\ConnectionException;
|
||||
use Icewind\SMB\Exception\Exception;
|
||||
use Icewind\SMB\Exception\FileInUseException;
|
||||
use Icewind\SMB\Exception\InvalidTypeException;
|
||||
use Icewind\SMB\Exception\NotEmptyException;
|
||||
use Icewind\SMB\Exception\NotFoundException;
|
||||
use Icewind\Streams\CallbackWrapper;
|
||||
|
||||
class Share implements IShare {
|
||||
class Share extends AbstractShare {
|
||||
/**
|
||||
* @var Server $server
|
||||
*/
|
||||
|
|
@ -43,6 +39,7 @@ class Share implements IShare {
|
|||
* @param string $name
|
||||
*/
|
||||
public function __construct($server, $name) {
|
||||
parent::__construct();
|
||||
$this->server = $server;
|
||||
$this->name = $name;
|
||||
$this->parser = new Parser(new TimeZoneProvider($this->server->getHost()));
|
||||
|
|
@ -380,6 +377,7 @@ class Share implements IShare {
|
|||
* @return string
|
||||
*/
|
||||
protected function escapePath($path) {
|
||||
$this->verifyPath($path);
|
||||
if ($path === '/') {
|
||||
$path = '';
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue