From 58ec03fa7f34ea04f779155450bfe7930eed0d77 Mon Sep 17 00:00:00 2001 From: Sebastien Pouliot Date: Fri, 7 Apr 2006 17:21:45 +0000 Subject: 2006-04-07 Sebastien Pouliot * FileIOPermission.cs: Ensure the "bad" path characters match the OS ones. Reworked the code to avoid the modifiable array trap present in Fx 1.x and to be more precise in the 2.0 profile. svn path=/trunk/mcs/; revision=59197 --- .../corlib/System.Security.Permissions/ChangeLog | 6 ++++ .../FileIOPermission.cs | 39 ++++++++++++++++++++-- 2 files changed, 43 insertions(+), 2 deletions(-) (limited to 'mcs/class/corlib/System.Security.Permissions') diff --git a/mcs/class/corlib/System.Security.Permissions/ChangeLog b/mcs/class/corlib/System.Security.Permissions/ChangeLog index 58575413bc7..3eae1ea941d 100644 --- a/mcs/class/corlib/System.Security.Permissions/ChangeLog +++ b/mcs/class/corlib/System.Security.Permissions/ChangeLog @@ -1,3 +1,9 @@ +2006-04-07 Sebastien Pouliot + + * FileIOPermission.cs: Ensure the "bad" path characters match the OS + ones. Reworked the code to avoid the modifiable array trap present in + Fx 1.x and to be more precise in the 2.0 profile. + 2005-11-14 Carlos Alberto Cortez * IsolatedStoragePermission.cs: Updated FromXml with diff --git a/mcs/class/corlib/System.Security.Permissions/FileIOPermission.cs b/mcs/class/corlib/System.Security.Permissions/FileIOPermission.cs index 791b8eb03d4..cba7df96023 100644 --- a/mcs/class/corlib/System.Security.Permissions/FileIOPermission.cs +++ b/mcs/class/corlib/System.Security.Permissions/FileIOPermission.cs @@ -47,7 +47,28 @@ namespace System.Security.Permissions { : CodeAccessPermission, IBuiltInPermission, IUnrestrictedPermission { private const int version = 1; - private static char[] m_badCharacters = {'\"','<', '>', '|', '*', '?'}; + +#if NET_2_0 + private static char[] BadPathNameCharacters; + private static char[] BadFileNameCharacters; + + static FileIOPermission () + { + // we keep a local (static) copies to avoid calls/allocations + BadPathNameCharacters = Path.GetInvalidPathChars (); + BadFileNameCharacters = Path.GetInvalidFileNameChars (); + } +#else + private static char[] m_badCharacters; + + static FileIOPermission () + { + // note: deprecated in 2.0 as InvalidPathChars is an array (i.e. items can be + // modified). Anyway we keep our own copy, which should be called by the + // security manager before anyone has the chance to change it. + m_badCharacters = (char[]) Path.InvalidPathChars.Clone (); + } +#endif private bool m_Unrestricted = false; private FileIOPermissionAccess m_AllFilesAccess = FileIOPermissionAccess.NoAccess; @@ -438,10 +459,24 @@ namespace System.Security.Permissions { internal void ThrowIfInvalidPath (string path) { +#if NET_2_0 + string dir = Path.GetDirectoryName (path); + if ((dir != null) && (dir.LastIndexOfAny (BadPathNameCharacters) >= 0)) { + string msg = String.Format (Locale.GetText ("Invalid path characters in path: '{0}'"), path); + throw new ArgumentException (msg, "path"); + } + + string fname = Path.GetFileName (path); + if ((fname != null) && (fname.LastIndexOfAny (BadFileNameCharacters) >= 0)) { + string msg = String.Format (Locale.GetText ("Invalid filename characters in path: '{0}'"), path); + throw new ArgumentException (msg, "path"); + } +#else if (path.LastIndexOfAny (m_badCharacters) >= 0) { string msg = String.Format (Locale.GetText ("Invalid characters in path: '{0}'"), path); throw new ArgumentException (msg, "path"); - } + } +#endif // LAMESPEC: docs don't say it must be a rooted path, but the MS implementation enforces it, so we will too. if (!Path.IsPathRooted (path)) { string msg = Locale.GetText ("Absolute path information is required."); -- cgit v1.2.3