2006-04-07 Sebastien Pouliot <sebastien@ximian.com>

	* FileIOPermission.cs: Ensure the "bad" path characters match the OS
	ones. Reworked the code to avoid the modifiable array trap present in
	Fx 1.x and to be more precise in the 2.0 profile.


svn path=/trunk/mcs/; revision=59197

2 files changed, 43 insertions, 2 deletions

diff --git a/mcs/class/corlib/System.Security.Permissions/ChangeLog b/mcs/class/corlib/System.Security.Permissions/ChangeLog
index 58575413bc7..3eae1ea941d 100644
--- a/mcs/class/corlib/System.Security.Permissions/ChangeLog
+++ b/mcs/class/corlib/System.Security.Permissions/ChangeLog
@@ -1,3 +1,9 @@
+2006-04-07  Sebastien Pouliot  <sebastien@ximian.com>
+
+	* FileIOPermission.cs: Ensure the "bad" path characters match the OS
+	ones. Reworked the code to avoid the modifiable array trap present in
+	Fx 1.x and to be more precise in the 2.0 profile.
+
 2005-11-14  Carlos Alberto Cortez <calberto.cortez@gmail.com>
 
 	* IsolatedStoragePermission.cs: Updated FromXml with
diff --git a/mcs/class/corlib/System.Security.Permissions/FileIOPermission.cs b/mcs/class/corlib/System.Security.Permissions/FileIOPermission.cs
index 791b8eb03d4..cba7df96023 100644
--- a/mcs/class/corlib/System.Security.Permissions/FileIOPermission.cs
+++ b/mcs/class/corlib/System.Security.Permissions/FileIOPermission.cs
@@ -47,7 +47,28 @@ namespace System.Security.Permissions {
                 : CodeAccessPermission, IBuiltInPermission, IUnrestrictedPermission {

 
 		private const int version = 1;
-		private static char[] m_badCharacters = {'\"','<', '>', '|', '*', '?'};

+
+#if NET_2_0
+		private static char[] BadPathNameCharacters;
+		private static char[] BadFileNameCharacters;
+
+		static FileIOPermission ()
+		{
+			// we keep a local (static) copies to avoid calls/allocations
+			BadPathNameCharacters = Path.GetInvalidPathChars ();
+			BadFileNameCharacters = Path.GetInvalidFileNameChars ();
+		}
+#else
+		private static char[] m_badCharacters;
+
+		static FileIOPermission ()
+		{
+			// note: deprecated in 2.0 as InvalidPathChars is an array (i.e. items can be
+			// modified). Anyway we keep our own copy, which should be called by the 
+			// security manager before anyone has the chance to change it.
+			m_badCharacters = (char[]) Path.InvalidPathChars.Clone ();
+		}
+#endif

 
 		private bool m_Unrestricted = false;

 		private FileIOPermissionAccess m_AllFilesAccess = FileIOPermissionAccess.NoAccess;

@@ -438,10 +459,24 @@ namespace System.Security.Permissions {
 
 		internal void ThrowIfInvalidPath (string path)
 		{
+#if NET_2_0
+			string dir = Path.GetDirectoryName (path);
+			if ((dir != null) && (dir.LastIndexOfAny (BadPathNameCharacters) >= 0)) {
+				string msg = String.Format (Locale.GetText ("Invalid path characters in path: '{0}'"), path);

+				throw new ArgumentException (msg, "path");

+			}
+

+			string fname = Path.GetFileName (path);
+			if ((fname != null) && (fname.LastIndexOfAny (BadFileNameCharacters) >= 0)) {
+				string msg = String.Format (Locale.GetText ("Invalid filename characters in path: '{0}'"), path);

+				throw new ArgumentException (msg, "path");

+			}
+#else
 			if (path.LastIndexOfAny (m_badCharacters) >= 0) {

 				string msg = String.Format (Locale.GetText ("Invalid characters in path: '{0}'"), path);

 				throw new ArgumentException (msg, "path");

-			}

+			}
+#endif

 			// LAMESPEC: docs don't say it must be a rooted path, but the MS implementation enforces it, so we will too.

 			if (!Path.IsPathRooted (path)) {
 				string msg = Locale.GetText ("Absolute path information is required.");