From 81e3ae4753774cf33e6f5bcaf1dc479e1dc5831c Mon Sep 17 00:00:00 2001 From: Jasper Knockaert Date: Tue, 5 Jan 2021 11:14:49 +0100 Subject: avoid fread on directories and unencrypted files Reworking the logic in order to first check the filecache and only then reading the fileheader. This in order to solve #21578. --- lib/private/Files/Storage/Wrapper/Encryption.php | 29 +++++++++++++----------- 1 file changed, 16 insertions(+), 13 deletions(-) (limited to 'lib/private/Files/Storage') diff --git a/lib/private/Files/Storage/Wrapper/Encryption.php b/lib/private/Files/Storage/Wrapper/Encryption.php index ef44be5cefb..b37fcdb2bd0 100644 --- a/lib/private/Files/Storage/Wrapper/Encryption.php +++ b/lib/private/Files/Storage/Wrapper/Encryption.php @@ -929,19 +929,22 @@ class Encryption extends Wrapper { $path = $realFile; } - $firstBlock = $this->readFirstBlock($path); - $result = $this->parseRawHeader($firstBlock); - - // if the header doesn't contain a encryption module we check if it is a - // legacy file. If true, we add the default encryption module - if (!isset($result[Util::HEADER_ENCRYPTION_MODULE_KEY])) { - if (!empty($result)) { - $result[Util::HEADER_ENCRYPTION_MODULE_KEY] = 'OC_DEFAULT_MODULE'; - } elseif ($exists) { - // if the header was empty we have to check first if it is a encrypted file at all - // We would do query to filecache only if we know that entry in filecache exists - $info = $this->getCache()->get($path); - if (isset($info['encrypted']) && $info['encrypted'] === true) { + $result = []; + + // first check if it is an encrypted file at all + // We would do query to filecache only if we know that entry in filecache exists + + $info = $this->getCache()->get($path); + if (isset($info['encrypted']) && $info['encrypted'] === true) { + $firstBlock = $this->readFirstBlock($path); + $result = $this->parseRawHeader($firstBlock); + + // if the header doesn't contain a encryption module we check if it is a + // legacy file. If true, we add the default encryption module + if (!isset($result[Util::HEADER_ENCRYPTION_MODULE_KEY])) { + if (!empty($result)) { + $result[Util::HEADER_ENCRYPTION_MODULE_KEY] = 'OC_DEFAULT_MODULE'; + } elseif ($exists) { $result[Util::HEADER_ENCRYPTION_MODULE_KEY] = 'OC_DEFAULT_MODULE'; } } -- cgit v1.2.3 From f9a0380eb1da63a9d70c039d458897aa2366b2ca Mon Sep 17 00:00:00 2001 From: Jasper Knockaert Date: Sat, 16 Jan 2021 14:33:44 +0100 Subject: consolidation of boolean expression --- lib/private/Files/Storage/Wrapper/Encryption.php | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) (limited to 'lib/private/Files/Storage') diff --git a/lib/private/Files/Storage/Wrapper/Encryption.php b/lib/private/Files/Storage/Wrapper/Encryption.php index b37fcdb2bd0..c4953eddf23 100644 --- a/lib/private/Files/Storage/Wrapper/Encryption.php +++ b/lib/private/Files/Storage/Wrapper/Encryption.php @@ -941,11 +941,8 @@ class Encryption extends Wrapper { // if the header doesn't contain a encryption module we check if it is a // legacy file. If true, we add the default encryption module - if (!isset($result[Util::HEADER_ENCRYPTION_MODULE_KEY])) { - if (!empty($result)) { - $result[Util::HEADER_ENCRYPTION_MODULE_KEY] = 'OC_DEFAULT_MODULE'; - } elseif ($exists) { - $result[Util::HEADER_ENCRYPTION_MODULE_KEY] = 'OC_DEFAULT_MODULE'; + if (!isset($result[Util::HEADER_ENCRYPTION_MODULE_KEY] && (!empty($result) || $exists)) { + $result[Util::HEADER_ENCRYPTION_MODULE_KEY] = 'OC_DEFAULT_MODULE'; } } } -- cgit v1.2.3 From 252d1ae512eef3c093cfe05fe63783ffca2b3bc5 Mon Sep 17 00:00:00 2001 From: Jasper Knockaert Date: Sat, 16 Jan 2021 14:38:19 +0100 Subject: fix brakcets --- lib/private/Files/Storage/Wrapper/Encryption.php | 1 - 1 file changed, 1 deletion(-) (limited to 'lib/private/Files/Storage') diff --git a/lib/private/Files/Storage/Wrapper/Encryption.php b/lib/private/Files/Storage/Wrapper/Encryption.php index c4953eddf23..5505a61ead2 100644 --- a/lib/private/Files/Storage/Wrapper/Encryption.php +++ b/lib/private/Files/Storage/Wrapper/Encryption.php @@ -943,7 +943,6 @@ class Encryption extends Wrapper { // legacy file. If true, we add the default encryption module if (!isset($result[Util::HEADER_ENCRYPTION_MODULE_KEY] && (!empty($result) || $exists)) { $result[Util::HEADER_ENCRYPTION_MODULE_KEY] = 'OC_DEFAULT_MODULE'; - } } } -- cgit v1.2.3 From 40fde94b4d019f5c1914225d5be6854241abeb9c Mon Sep 17 00:00:00 2001 From: Jasper Knockaert Date: Sat, 16 Jan 2021 14:49:53 +0100 Subject: fix even more brackets Signed-off-by: Jasper Knockaert jasper@knockaert.nl --- lib/private/Files/Storage/Wrapper/Encryption.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/private/Files/Storage') diff --git a/lib/private/Files/Storage/Wrapper/Encryption.php b/lib/private/Files/Storage/Wrapper/Encryption.php index 5505a61ead2..4ac10923968 100644 --- a/lib/private/Files/Storage/Wrapper/Encryption.php +++ b/lib/private/Files/Storage/Wrapper/Encryption.php @@ -941,7 +941,7 @@ class Encryption extends Wrapper { // if the header doesn't contain a encryption module we check if it is a // legacy file. If true, we add the default encryption module - if (!isset($result[Util::HEADER_ENCRYPTION_MODULE_KEY] && (!empty($result) || $exists)) { + if (!isset($result[Util::HEADER_ENCRYPTION_MODULE_KEY]) && (!empty($result) || $exists)) { $result[Util::HEADER_ENCRYPTION_MODULE_KEY] = 'OC_DEFAULT_MODULE'; } } -- cgit v1.2.3 From e5dc1a8085226492b6d323142381fd163451c06d Mon Sep 17 00:00:00 2001 From: Robin Appelman Date: Fri, 22 Jan 2021 15:44:24 +0100 Subject: Set umask before operations that create local files this solves issues where "other php stuff" is messing with the umask Signed-off-by: Robin Appelman --- lib/private/Files/Storage/Local.php | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) (limited to 'lib/private/Files/Storage') diff --git a/lib/private/Files/Storage/Local.php b/lib/private/Files/Storage/Local.php index 944b0b69959..47d3bb8f189 100644 --- a/lib/private/Files/Storage/Local.php +++ b/lib/private/Files/Storage/Local.php @@ -87,8 +87,9 @@ class Local extends \OC\Files\Storage\Common { public function mkdir($path) { $sourcePath = $this->getSourcePath($path); + $oldMask = umask(022); $result = @mkdir($sourcePath, 0777, true); - chmod($sourcePath, 0755); + umask($oldMask); return $result; } @@ -258,11 +259,13 @@ class Local extends \OC\Files\Storage\Common { if ($this->file_exists($path) and !$this->isUpdatable($path)) { return false; } + $oldMask = umask(022); if (!is_null($mtime)) { $result = @touch($this->getSourcePath($path), $mtime); } else { $result = @touch($this->getSourcePath($path)); } + umask($oldMask); if ($result) { clearstatcache(true, $this->getSourcePath($path)); } @@ -275,7 +278,10 @@ class Local extends \OC\Files\Storage\Common { } public function file_put_contents($path, $data) { - return file_put_contents($this->getSourcePath($path), $data); + $oldMask = umask(022); + $result = file_put_contents($this->getSourcePath($path), $data); + umask($oldMask); + return $result; } public function unlink($path) { @@ -349,12 +355,18 @@ class Local extends \OC\Files\Storage\Common { if ($this->is_dir($path1)) { return parent::copy($path1, $path2); } else { - return copy($this->getSourcePath($path1), $this->getSourcePath($path2)); + $oldMask = umask(022); + $result = copy($this->getSourcePath($path1), $this->getSourcePath($path2)); + umask($oldMask); + return $result; } } public function fopen($path, $mode) { - return fopen($this->getSourcePath($path), $mode); + $oldMask = umask(022); + $result = fopen($this->getSourcePath($path), $mode); + umask($oldMask); + return $result; } public function hash($type, $path, $raw = false) { -- cgit v1.2.3 From aee4caed07bbb8739befd80c686e1f56943c4d12 Mon Sep 17 00:00:00 2001 From: Robin Appelman Date: Fri, 19 Jun 2020 14:57:58 +0200 Subject: show better error messages when a file with a forbidden path is encountered Signed-off-by: Robin Appelman --- lib/private/Files/Storage/Local.php | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) (limited to 'lib/private/Files/Storage') diff --git a/lib/private/Files/Storage/Local.php b/lib/private/Files/Storage/Local.php index 944b0b69959..c21364847e1 100644 --- a/lib/private/Files/Storage/Local.php +++ b/lib/private/Files/Storage/Local.php @@ -288,16 +288,14 @@ class Local extends \OC\Files\Storage\Common { } } - private function treeContainsBlacklistedFile(string $path): bool { + private function checkTreeForForbiddenItems(string $path) { $iterator = new \RecursiveIteratorIterator(new \RecursiveDirectoryIterator($path)); foreach ($iterator as $file) { /** @var \SplFileInfo $file */ if (Filesystem::isFileBlacklisted($file->getBasename())) { - return true; + throw new ForbiddenException('Invalid path: ' . $file->getPathname(), false); } } - - return false; } public function rename($path1, $path2) { @@ -337,9 +335,7 @@ class Local extends \OC\Files\Storage\Common { return $result; } - if ($this->treeContainsBlacklistedFile($this->getSourcePath($path1))) { - throw new ForbiddenException('Invalid path', false); - } + $this->checkTreeForForbiddenItems($this->getSourcePath($path1)); } return rename($this->getSourcePath($path1), $this->getSourcePath($path2)); @@ -437,7 +433,7 @@ class Local extends \OC\Files\Storage\Common { */ public function getSourcePath($path) { if (Filesystem::isFileBlacklisted($path)) { - throw new ForbiddenException('Invalid path', false); + throw new ForbiddenException('Invalid path: ' . $path, false); } $fullPath = $this->datadir . $path; -- cgit v1.2.3 From ed2d02d5f1000c76776c6e8dbe24fa787ffe6d0d Mon Sep 17 00:00:00 2001 From: Robin Appelman Date: Tue, 27 Apr 2021 15:43:34 +0200 Subject: better cleanup of user files on user deletion Signed-off-by: Robin Appelman --- lib/private/Files/Storage/Common.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/private/Files/Storage') diff --git a/lib/private/Files/Storage/Common.php b/lib/private/Files/Storage/Common.php index aa2aeee403b..21baea1b78f 100644 --- a/lib/private/Files/Storage/Common.php +++ b/lib/private/Files/Storage/Common.php @@ -153,7 +153,7 @@ abstract class Common implements Storage, ILockingStorage, IWriteStreamStorage { public function isDeletable($path) { if ($path === '' || $path === '/') { - return false; + return $this->isUpdatable($path); } $parent = dirname($path); return $this->isUpdatable($parent) && $this->isUpdatable($path); -- cgit v1.2.3 From 215aef3cbdc1963be1bb6bca5218ee0a4b7f1665 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?John=20Molakvo=C3=A6=20=28skjnldsv=29?= Date: Fri, 4 Jun 2021 21:52:51 +0200 Subject: Update php licenses MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: John Molakvoæ (skjnldsv) --- lib/private/Files/Storage/Common.php | 2 +- lib/private/Files/Storage/CommonTest.php | 5 ----- lib/private/Files/Storage/DAV.php | 1 - lib/private/Files/Storage/FailedStorage.php | 1 - lib/private/Files/Storage/Flysystem.php | 1 - lib/private/Files/Storage/Home.php | 1 - lib/private/Files/Storage/Local.php | 2 +- lib/private/Files/Storage/LocalRootStorage.php | 3 +-- lib/private/Files/Storage/LocalTempFileTrait.php | 1 - lib/private/Files/Storage/PolyFill/CopyDirectory.php | 1 - lib/private/Files/Storage/Storage.php | 1 - lib/private/Files/Storage/StorageFactory.php | 1 - lib/private/Files/Storage/Temporary.php | 1 - lib/private/Files/Storage/Wrapper/Availability.php | 1 - lib/private/Files/Storage/Wrapper/Encoding.php | 2 +- lib/private/Files/Storage/Wrapper/Encryption.php | 2 +- lib/private/Files/Storage/Wrapper/Jail.php | 1 - lib/private/Files/Storage/Wrapper/PermissionsMask.php | 1 - lib/private/Files/Storage/Wrapper/Quota.php | 3 +-- lib/private/Files/Storage/Wrapper/Wrapper.php | 1 - 20 files changed, 6 insertions(+), 26 deletions(-) (limited to 'lib/private/Files/Storage') diff --git a/lib/private/Files/Storage/Common.php b/lib/private/Files/Storage/Common.php index 21baea1b78f..5a9cbe7c008 100644 --- a/lib/private/Files/Storage/Common.php +++ b/lib/private/Files/Storage/Common.php @@ -9,6 +9,7 @@ * @author hkjolhede * @author Joas Schilling * @author Jörn Friedrich Dreyer + * @author Julius Härtl * @author Lukas Reschke * @author Martin Mattel * @author Michael Gapczynski @@ -39,7 +40,6 @@ * along with this program. If not, see * */ - namespace OC\Files\Storage; use OC\Files\Cache\Cache; diff --git a/lib/private/Files/Storage/CommonTest.php b/lib/private/Files/Storage/CommonTest.php index 43a87f8d704..3800bba2b52 100644 --- a/lib/private/Files/Storage/CommonTest.php +++ b/lib/private/Files/Storage/CommonTest.php @@ -26,11 +26,6 @@ * along with this program. If not, see * */ - -/** - * test implementation for \OC\Files\Storage\Common with \OC\Files\Storage\Local - */ - namespace OC\Files\Storage; class CommonTest extends \OC\Files\Storage\Common { diff --git a/lib/private/Files/Storage/DAV.php b/lib/private/Files/Storage/DAV.php index 8f09452e1fb..161f346e52f 100644 --- a/lib/private/Files/Storage/DAV.php +++ b/lib/private/Files/Storage/DAV.php @@ -35,7 +35,6 @@ * along with this program. If not, see * */ - namespace OC\Files\Storage; use Exception; diff --git a/lib/private/Files/Storage/FailedStorage.php b/lib/private/Files/Storage/FailedStorage.php index bb97fe73875..18a2c9c2bb5 100644 --- a/lib/private/Files/Storage/FailedStorage.php +++ b/lib/private/Files/Storage/FailedStorage.php @@ -23,7 +23,6 @@ * along with this program. If not, see * */ - namespace OC\Files\Storage; use OC\Files\Cache\FailedCache; diff --git a/lib/private/Files/Storage/Flysystem.php b/lib/private/Files/Storage/Flysystem.php index c5105187652..d31d0a469d2 100644 --- a/lib/private/Files/Storage/Flysystem.php +++ b/lib/private/Files/Storage/Flysystem.php @@ -22,7 +22,6 @@ * along with this program. If not, see * */ - namespace OC\Files\Storage; use Icewind\Streams\CallbackWrapper; diff --git a/lib/private/Files/Storage/Home.php b/lib/private/Files/Storage/Home.php index 5c35c93bfc8..5427bc425c2 100644 --- a/lib/private/Files/Storage/Home.php +++ b/lib/private/Files/Storage/Home.php @@ -23,7 +23,6 @@ * along with this program. If not, see * */ - namespace OC\Files\Storage; use OC\Files\Cache\HomePropagator; diff --git a/lib/private/Files/Storage/Local.php b/lib/private/Files/Storage/Local.php index a29fc6c02de..d116d2e0fb1 100644 --- a/lib/private/Files/Storage/Local.php +++ b/lib/private/Files/Storage/Local.php @@ -11,6 +11,7 @@ * @author J0WI * @author Jakob Sack * @author Joas Schilling + * @author Johannes Leuker * @author Jörn Friedrich Dreyer * @author Klaas Freitag * @author Lukas Reschke @@ -39,7 +40,6 @@ * along with this program. If not, see * */ - namespace OC\Files\Storage; use OC\Files\Filesystem; diff --git a/lib/private/Files/Storage/LocalRootStorage.php b/lib/private/Files/Storage/LocalRootStorage.php index 6f954212484..71584afef08 100644 --- a/lib/private/Files/Storage/LocalRootStorage.php +++ b/lib/private/Files/Storage/LocalRootStorage.php @@ -16,14 +16,13 @@ declare(strict_types=1); * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see . * */ - namespace OC\Files\Storage; use OC\Files\Cache\LocalRootScanner; diff --git a/lib/private/Files/Storage/LocalTempFileTrait.php b/lib/private/Files/Storage/LocalTempFileTrait.php index 0a3785d92dd..2a1338148f5 100644 --- a/lib/private/Files/Storage/LocalTempFileTrait.php +++ b/lib/private/Files/Storage/LocalTempFileTrait.php @@ -21,7 +21,6 @@ * along with this program. If not, see * */ - namespace OC\Files\Storage; /** diff --git a/lib/private/Files/Storage/PolyFill/CopyDirectory.php b/lib/private/Files/Storage/PolyFill/CopyDirectory.php index 6a12089c70a..ff05eecb134 100644 --- a/lib/private/Files/Storage/PolyFill/CopyDirectory.php +++ b/lib/private/Files/Storage/PolyFill/CopyDirectory.php @@ -21,7 +21,6 @@ * along with this program. If not, see * */ - namespace OC\Files\Storage\PolyFill; trait CopyDirectory { diff --git a/lib/private/Files/Storage/Storage.php b/lib/private/Files/Storage/Storage.php index 73793aa31fb..75f8295caa0 100644 --- a/lib/private/Files/Storage/Storage.php +++ b/lib/private/Files/Storage/Storage.php @@ -22,7 +22,6 @@ * along with this program. If not, see * */ - namespace OC\Files\Storage; use OCP\Lock\ILockingProvider; diff --git a/lib/private/Files/Storage/StorageFactory.php b/lib/private/Files/Storage/StorageFactory.php index 2e7dd732edd..cab739c4a81 100644 --- a/lib/private/Files/Storage/StorageFactory.php +++ b/lib/private/Files/Storage/StorageFactory.php @@ -22,7 +22,6 @@ * along with this program. If not, see * */ - namespace OC\Files\Storage; use OCP\Files\Mount\IMountPoint; diff --git a/lib/private/Files/Storage/Temporary.php b/lib/private/Files/Storage/Temporary.php index 686600e5d21..393a37f834a 100644 --- a/lib/private/Files/Storage/Temporary.php +++ b/lib/private/Files/Storage/Temporary.php @@ -23,7 +23,6 @@ * along with this program. If not, see * */ - namespace OC\Files\Storage; /** diff --git a/lib/private/Files/Storage/Wrapper/Availability.php b/lib/private/Files/Storage/Wrapper/Availability.php index 61814a0d087..b6d1ba2178b 100644 --- a/lib/private/Files/Storage/Wrapper/Availability.php +++ b/lib/private/Files/Storage/Wrapper/Availability.php @@ -24,7 +24,6 @@ * along with this program. If not, see * */ - namespace OC\Files\Storage\Wrapper; use OCP\Files\Storage\IStorage; diff --git a/lib/private/Files/Storage/Wrapper/Encoding.php b/lib/private/Files/Storage/Wrapper/Encoding.php index e2b486546af..ac27697e68c 100644 --- a/lib/private/Files/Storage/Wrapper/Encoding.php +++ b/lib/private/Files/Storage/Wrapper/Encoding.php @@ -5,6 +5,7 @@ * @author Christoph Wurst * @author J0WI * @author Lukas Reschke + * @author Morris Jobke * @author Robin Appelman * @author Roeland Jago Douma * @author Tigran Mkrtchyan @@ -25,7 +26,6 @@ * along with this program. If not, see * */ - namespace OC\Files\Storage\Wrapper; use OC\Cache\CappedMemoryCache; diff --git a/lib/private/Files/Storage/Wrapper/Encryption.php b/lib/private/Files/Storage/Wrapper/Encryption.php index 64c9b0a4a66..3c65cdbc8f6 100644 --- a/lib/private/Files/Storage/Wrapper/Encryption.php +++ b/lib/private/Files/Storage/Wrapper/Encryption.php @@ -7,6 +7,7 @@ * @author Björn Schießle * @author Christoph Wurst * @author J0WI + * @author jknockaert * @author Joas Schilling * @author Lukas Reschke * @author Morris Jobke @@ -32,7 +33,6 @@ * along with this program. If not, see * */ - namespace OC\Files\Storage\Wrapper; use OC\Encryption\Exceptions\ModuleDoesNotExistsException; diff --git a/lib/private/Files/Storage/Wrapper/Jail.php b/lib/private/Files/Storage/Wrapper/Jail.php index 276f00af33c..4d254b34d46 100644 --- a/lib/private/Files/Storage/Wrapper/Jail.php +++ b/lib/private/Files/Storage/Wrapper/Jail.php @@ -26,7 +26,6 @@ * along with this program. If not, see * */ - namespace OC\Files\Storage\Wrapper; use OC\Files\Cache\Wrapper\CacheJail; diff --git a/lib/private/Files/Storage/Wrapper/PermissionsMask.php b/lib/private/Files/Storage/Wrapper/PermissionsMask.php index 9c2d123b7bf..e54d3bb721a 100644 --- a/lib/private/Files/Storage/Wrapper/PermissionsMask.php +++ b/lib/private/Files/Storage/Wrapper/PermissionsMask.php @@ -25,7 +25,6 @@ * along with this program. If not, see * */ - namespace OC\Files\Storage\Wrapper; use OC\Files\Cache\Wrapper\CachePermissionsMask; diff --git a/lib/private/Files/Storage/Wrapper/Quota.php b/lib/private/Files/Storage/Wrapper/Quota.php index d631dae7747..4cd0a5e0b4a 100644 --- a/lib/private/Files/Storage/Wrapper/Quota.php +++ b/lib/private/Files/Storage/Wrapper/Quota.php @@ -4,7 +4,7 @@ * * @author Christoph Wurst * @author J0WI - * @author John Molakvoæ (skjnldsv) + * @author John Molakvoæ * @author Jörn Friedrich Dreyer * @author Julius Härtl * @author Lukas Reschke @@ -30,7 +30,6 @@ * along with this program. If not, see * */ - namespace OC\Files\Storage\Wrapper; use OC\Files\Filesystem; diff --git a/lib/private/Files/Storage/Wrapper/Wrapper.php b/lib/private/Files/Storage/Wrapper/Wrapper.php index cffe610c6c2..ec1da92f317 100644 --- a/lib/private/Files/Storage/Wrapper/Wrapper.php +++ b/lib/private/Files/Storage/Wrapper/Wrapper.php @@ -29,7 +29,6 @@ * along with this program. If not, see * */ - namespace OC\Files\Storage\Wrapper; use OCP\Files\InvalidPathException; -- cgit v1.2.3 From 0469acfb209f5851d2fcadf46654d59bf1637055 Mon Sep 17 00:00:00 2001 From: Rid Date: Thu, 17 Jun 2021 11:44:44 +0100 Subject: Fix scanner mistaking socket files for directories Signed-off-by: Rid --- lib/private/Files/Storage/Local.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'lib/private/Files/Storage') diff --git a/lib/private/Files/Storage/Local.php b/lib/private/Files/Storage/Local.php index d116d2e0fb1..ccd331f515f 100644 --- a/lib/private/Files/Storage/Local.php +++ b/lib/private/Files/Storage/Local.php @@ -169,7 +169,7 @@ class Local extends \OC\Files\Storage\Common { $permissions = Constants::PERMISSION_SHARE; $statPermissions = $stat['mode']; - $isDir = ($statPermissions & 0x4000) === 0x4000; + $isDir = ($statPermissions & 0x4000) === 0x4000 && !($statPermissions & 0x8000); if ($statPermissions & 0x0100) { $permissions += Constants::PERMISSION_READ; } @@ -492,7 +492,7 @@ class Local extends \OC\Files\Storage\Common { } private function calculateEtag(string $path, array $stat): string { - if ($stat['mode'] & 0x4000) { // is_dir + if ($stat['mode'] & 0x4000 && !($stat['mode'] & 0x8000)) { // is_dir & not socket return parent::getETag($path); } else { if ($stat === false) { -- cgit v1.2.3 From 28359571de19e68cff980d5523649256dc9df132 Mon Sep 17 00:00:00 2001 From: Lukas Reschke Date: Mon, 12 Jul 2021 13:21:06 +0200 Subject: Remove Flysystem storage class This seems unused as per https://github.com/nextcloud/server/issues/27768 and may allow us to get rid of one more dependency. Signed-off-by: Lukas Reschke --- lib/private/Files/Storage/Flysystem.php | 264 -------------------------------- 1 file changed, 264 deletions(-) delete mode 100644 lib/private/Files/Storage/Flysystem.php (limited to 'lib/private/Files/Storage') diff --git a/lib/private/Files/Storage/Flysystem.php b/lib/private/Files/Storage/Flysystem.php deleted file mode 100644 index d31d0a469d2..00000000000 --- a/lib/private/Files/Storage/Flysystem.php +++ /dev/null @@ -1,264 +0,0 @@ - - * @author Robin Appelman - * @author Roeland Jago Douma - * @author Tigran Mkrtchyan - * - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ -namespace OC\Files\Storage; - -use Icewind\Streams\CallbackWrapper; -use Icewind\Streams\IteratorDirectory; -use League\Flysystem\AdapterInterface; -use League\Flysystem\FileNotFoundException; -use League\Flysystem\Filesystem; -use League\Flysystem\Plugin\GetWithMetadata; - -/** - * Generic adapter between flysystem adapters and owncloud's storage system - * - * To use: subclass and call $this->buildFlysystem with the flysystem adapter of choice - */ -abstract class Flysystem extends Common { - /** - * @var Filesystem - */ - protected $flysystem; - - /** - * @var string - */ - protected $root = ''; - - /** - * Initialize the storage backend with a flyssytem adapter - * - * @param \League\Flysystem\AdapterInterface $adapter - */ - protected function buildFlySystem(AdapterInterface $adapter) { - $this->flysystem = new Filesystem($adapter); - $this->flysystem->addPlugin(new GetWithMetadata()); - } - - protected function buildPath($path) { - $fullPath = \OC\Files\Filesystem::normalizePath($this->root . '/' . $path); - return ltrim($fullPath, '/'); - } - - /** - * {@inheritdoc} - */ - public function file_get_contents($path) { - return $this->flysystem->read($this->buildPath($path)); - } - - /** - * {@inheritdoc} - */ - public function file_put_contents($path, $data) { - $result = $this->flysystem->put($this->buildPath($path), $data); - if ($result === true) { - return strlen($data); - } - return $result; - } - - /** - * {@inheritdoc} - */ - public function file_exists($path) { - return $this->flysystem->has($this->buildPath($path)); - } - - /** - * {@inheritdoc} - */ - public function unlink($path) { - if ($this->is_dir($path)) { - return $this->rmdir($path); - } - try { - return $this->flysystem->delete($this->buildPath($path)); - } catch (FileNotFoundException $e) { - return false; - } - } - - /** - * {@inheritdoc} - */ - public function rename($source, $target) { - if ($this->file_exists($target)) { - $this->unlink($target); - } - return $this->flysystem->rename($this->buildPath($source), $this->buildPath($target)); - } - - /** - * {@inheritdoc} - */ - public function copy($source, $target) { - if ($this->file_exists($target)) { - $this->unlink($target); - } - return $this->flysystem->copy($this->buildPath($source), $this->buildPath($target)); - } - - /** - * {@inheritdoc} - */ - public function filesize($path) { - if ($this->is_dir($path)) { - return 0; - } else { - return $this->flysystem->getSize($this->buildPath($path)); - } - } - - /** - * {@inheritdoc} - */ - public function mkdir($path) { - if ($this->file_exists($path)) { - return false; - } - return $this->flysystem->createDir($this->buildPath($path)); - } - - /** - * {@inheritdoc} - */ - public function filemtime($path) { - return $this->flysystem->getTimestamp($this->buildPath($path)); - } - - /** - * {@inheritdoc} - */ - public function rmdir($path) { - try { - return @$this->flysystem->deleteDir($this->buildPath($path)); - } catch (FileNotFoundException $e) { - return false; - } - } - - /** - * {@inheritdoc} - */ - public function opendir($path) { - try { - $content = $this->flysystem->listContents($this->buildPath($path)); - } catch (FileNotFoundException $e) { - return false; - } - $names = array_map(function ($object) { - return $object['basename']; - }, $content); - return IteratorDirectory::wrap($names); - } - - /** - * {@inheritdoc} - */ - public function fopen($path, $mode) { - $fullPath = $this->buildPath($path); - $useExisting = true; - switch ($mode) { - case 'r': - case 'rb': - try { - return $this->flysystem->readStream($fullPath); - } catch (FileNotFoundException $e) { - return false; - } - case 'w': - case 'w+': - case 'wb': - case 'wb+': - $useExisting = false; - // no break - case 'a': - case 'ab': - case 'r+': - case 'a+': - case 'x': - case 'x+': - case 'c': - case 'c+': - //emulate these - if ($useExisting and $this->file_exists($path)) { - if (!$this->isUpdatable($path)) { - return false; - } - $tmpFile = $this->getCachedFile($path); - } else { - if (!$this->isCreatable(dirname($path))) { - return false; - } - $tmpFile = \OC::$server->getTempManager()->getTemporaryFile(); - } - $source = fopen($tmpFile, $mode); - return CallbackWrapper::wrap($source, null, null, function () use ($tmpFile, $fullPath) { - $this->flysystem->putStream($fullPath, fopen($tmpFile, 'r')); - unlink($tmpFile); - }); - } - return false; - } - - /** - * {@inheritdoc} - */ - public function touch($path, $mtime = null) { - if ($this->file_exists($path)) { - return false; - } else { - $this->file_put_contents($path, ''); - return true; - } - } - - /** - * {@inheritdoc} - */ - public function stat($path) { - $info = $this->flysystem->getWithMetadata($this->buildPath($path), ['timestamp', 'size']); - return [ - 'mtime' => $info['timestamp'], - 'size' => $info['size'] - ]; - } - - /** - * {@inheritdoc} - */ - public function filetype($path) { - if ($path === '' or $path === '/' or $path === '.') { - return 'dir'; - } - try { - $info = $this->flysystem->getMetadata($this->buildPath($path)); - } catch (FileNotFoundException $e) { - return false; - } - return $info['type']; - } -} -- cgit v1.2.3 From 28970563a219189c35dea38bf5c71ac404f84754 Mon Sep 17 00:00:00 2001 From: Carl Schwan Date: Thu, 29 Jul 2021 15:56:30 +0200 Subject: Remove some mentions of ownCloud from our api documentation Signed-off-by: Carl Schwan --- lib/private/Files/Storage/Common.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'lib/private/Files/Storage') diff --git a/lib/private/Files/Storage/Common.php b/lib/private/Files/Storage/Common.php index 5a9cbe7c008..0814e296492 100644 --- a/lib/private/Files/Storage/Common.php +++ b/lib/private/Files/Storage/Common.php @@ -316,12 +316,12 @@ abstract class Common implements Storage, ILockingStorage, IWriteStreamStorage { } /** - * check if a file or folder has been updated since $time + * Check if a file or folder has been updated since $time * * The method is only used to check if the cache needs to be updated. Storage backends that don't support checking * the mtime should always return false here. As a result storage implementations that always return false expect * exclusive access to the backend and will not pick up files that have been added in a way that circumvents - * ownClouds filesystem. + * Nextcloud filesystem. * * @param string $path * @param int $time -- cgit v1.2.3 From bc3c46362abfb569a1919cdfca2762a0d15d520c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julius=20H=C3=A4rtl?= Date: Tue, 17 Nov 2020 14:29:56 +0100 Subject: Make sure that a empty directory can still be deleted when copied from another storage MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Julius Härtl --- lib/private/Files/Storage/Common.php | 1 + 1 file changed, 1 insertion(+) (limited to 'lib/private/Files/Storage') diff --git a/lib/private/Files/Storage/Common.php b/lib/private/Files/Storage/Common.php index 0814e296492..4c07426dd70 100644 --- a/lib/private/Files/Storage/Common.php +++ b/lib/private/Files/Storage/Common.php @@ -612,6 +612,7 @@ abstract class Common implements Storage, ILockingStorage, IWriteStreamStorage { $dh = $sourceStorage->opendir($sourceInternalPath); $result = $this->mkdir($targetInternalPath); if (is_resource($dh)) { + $result = true; while ($result and ($file = readdir($dh)) !== false) { if (!Filesystem::isIgnoredDir($file)) { $result &= $this->copyFromStorage($sourceStorage, $sourceInternalPath . '/' . $file, $targetInternalPath . '/' . $file); -- cgit v1.2.3 From e60a829b42f0f4b74db835d8e10438a33e125051 Mon Sep 17 00:00:00 2001 From: Daniel Kesselberg Date: Mon, 20 Sep 2021 19:20:51 +0200 Subject: explicitly close source stream on local storage Signed-off-by: Daniel Kesselberg --- lib/private/Files/Storage/Local.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'lib/private/Files/Storage') diff --git a/lib/private/Files/Storage/Local.php b/lib/private/Files/Storage/Local.php index ccd331f515f..eea04bd8676 100644 --- a/lib/private/Files/Storage/Local.php +++ b/lib/private/Files/Storage/Local.php @@ -568,8 +568,11 @@ class Local extends \OC\Files\Storage\Common { public function writeStream(string $path, $stream, int $size = null): int { $result = $this->file_put_contents($path, $stream); + if (is_resource($stream)) { + fclose($stream); + } if ($result === false) { - throw new GenericFileException("Failed write steam to $path"); + throw new GenericFileException("Failed write stream to $path"); } else { return $result; } -- cgit v1.2.3 From be3f4edf1f38b1ebfd91366334e5a3a91c63cffe Mon Sep 17 00:00:00 2001 From: Daniel Kesselberg Date: Tue, 21 Sep 2021 17:40:19 +0200 Subject: explicitly close source stream on encryption storage Signed-off-by: Daniel Kesselberg --- lib/private/Files/Storage/Wrapper/Encryption.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'lib/private/Files/Storage') diff --git a/lib/private/Files/Storage/Wrapper/Encryption.php b/lib/private/Files/Storage/Wrapper/Encryption.php index 3c65cdbc8f6..e44b7afe6fd 100644 --- a/lib/private/Files/Storage/Wrapper/Encryption.php +++ b/lib/private/Files/Storage/Wrapper/Encryption.php @@ -926,10 +926,10 @@ class Encryption extends Wrapper { } $result = []; - + // first check if it is an encrypted file at all // We would do query to filecache only if we know that entry in filecache exists - + $info = $this->getCache()->get($path); if (isset($info['encrypted']) && $info['encrypted'] === true) { $firstBlock = $this->readFirstBlock($path); @@ -1033,6 +1033,7 @@ class Encryption extends Wrapper { // always fall back to fopen $target = $this->fopen($path, 'w'); [$count, $result] = \OC_Helper::streamCopy($stream, $target); + fclose($stream); fclose($target); return $count; } -- cgit v1.2.3 From 3a25183b66d30d34ca10d3b2411d8d333face4fd Mon Sep 17 00:00:00 2001 From: acsfer Date: Thu, 9 Sep 2021 12:10:09 +0200 Subject: Get `filesize()` if `file_exists()` Should make sense. --- lib/private/Files/Storage/Local.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/private/Files/Storage') diff --git a/lib/private/Files/Storage/Local.php b/lib/private/Files/Storage/Local.php index ccd331f515f..7f0bdbb6113 100644 --- a/lib/private/Files/Storage/Local.php +++ b/lib/private/Files/Storage/Local.php @@ -216,7 +216,7 @@ class Local extends \OC\Files\Storage\Common { } public function filesize($path) { - if ($this->is_dir($path)) { + if ($this->is_dir($path) || !$this->file_exists($path)) { return 0; } $fullPath = $this->getSourcePath($path); -- cgit v1.2.3 From 8a8df49bc0f7a4f540a9d642fa3518f5d0b64803 Mon Sep 17 00:00:00 2001 From: acsfer Date: Mon, 4 Oct 2021 17:20:17 +0200 Subject: Replace `file_exists()` method by `is_file()` --- lib/private/Files/Storage/Local.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/private/Files/Storage') diff --git a/lib/private/Files/Storage/Local.php b/lib/private/Files/Storage/Local.php index 7f0bdbb6113..72a1ad90d6e 100644 --- a/lib/private/Files/Storage/Local.php +++ b/lib/private/Files/Storage/Local.php @@ -216,7 +216,7 @@ class Local extends \OC\Files\Storage\Common { } public function filesize($path) { - if ($this->is_dir($path) || !$this->file_exists($path)) { + if ($this->is_dir($path) || !$this->is_file($path)) { return 0; } $fullPath = $this->getSourcePath($path); -- cgit v1.2.3 From 98eac0fc05dac7c694038b169cf98fd81fbccc92 Mon Sep 17 00:00:00 2001 From: acsfer Date: Mon, 4 Oct 2021 17:21:37 +0200 Subject: Simplify :) --- lib/private/Files/Storage/Local.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/private/Files/Storage') diff --git a/lib/private/Files/Storage/Local.php b/lib/private/Files/Storage/Local.php index 72a1ad90d6e..7e56293e4cf 100644 --- a/lib/private/Files/Storage/Local.php +++ b/lib/private/Files/Storage/Local.php @@ -216,7 +216,7 @@ class Local extends \OC\Files\Storage\Common { } public function filesize($path) { - if ($this->is_dir($path) || !$this->is_file($path)) { + if (!$this->is_file($path)) { return 0; } $fullPath = $this->getSourcePath($path); -- cgit v1.2.3 From b3766fc99bdef65d185f8a94071c50a96d313331 Mon Sep 17 00:00:00 2001 From: Robin Appelman Date: Mon, 31 May 2021 15:36:22 +0200 Subject: make param names consistent with interface for copy directory polyfill Signed-off-by: Robin Appelman --- lib/private/Files/Storage/PolyFill/CopyDirectory.php | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'lib/private/Files/Storage') diff --git a/lib/private/Files/Storage/PolyFill/CopyDirectory.php b/lib/private/Files/Storage/PolyFill/CopyDirectory.php index ff05eecb134..7fd418f6dca 100644 --- a/lib/private/Files/Storage/PolyFill/CopyDirectory.php +++ b/lib/private/Files/Storage/PolyFill/CopyDirectory.php @@ -64,15 +64,15 @@ trait CopyDirectory { */ abstract public function mkdir($path); - public function copy($source, $target) { - if ($this->is_dir($source)) { - if ($this->file_exists($target)) { - $this->unlink($target); + public function copy($path1, $path2) { + if ($this->is_dir($path1)) { + if ($this->file_exists($path2)) { + $this->unlink($path2); } - $this->mkdir($target); - return $this->copyRecursive($source, $target); + $this->mkdir($path2); + return $this->copyRecursive($path1, $path2); } else { - return parent::copy($source, $target); + return parent::copy($path1, $path2); } } -- cgit v1.2.3 From 9408f8ae6994666b685f5e2de588f9b2a79a00ed Mon Sep 17 00:00:00 2001 From: Carl Schwan Date: Thu, 21 Oct 2021 16:57:07 +0200 Subject: Fix security issues when copying groupfolder with advanced ACL Using advanced ACL, it is possible that an user has access to a directory but not to a subdirectory, so the copying use Common::copyFromStorage instead of Local::copyFromStorage. Fix https://github.com/nextcloud/groupfolders/issues/1692 Signed-off-by: Carl Schwan --- lib/private/Files/Storage/Local.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'lib/private/Files/Storage') diff --git a/lib/private/Files/Storage/Local.php b/lib/private/Files/Storage/Local.php index 870217db20f..13f1a6f2ec4 100644 --- a/lib/private/Files/Storage/Local.php +++ b/lib/private/Files/Storage/Local.php @@ -525,7 +525,10 @@ class Local extends \OC\Files\Storage\Common { * @return bool */ public function copyFromStorage(IStorage $sourceStorage, $sourceInternalPath, $targetInternalPath, $preserveMtime = false) { - if ($sourceStorage->instanceOfStorage(Local::class)) { + // Don't treat ACLStorageWrapper like local storage where copy can be done directly. + // Instead use the slower recursive copying in php from Common::copyFromStorage with + // more permissions checks. + if ($sourceStorage->instanceOfStorage(Local::class) && !$sourceStorage->instanceOfStorage('OCA\GroupFolders\ACL\ACLStorageWrapper')) { if ($sourceStorage->instanceOfStorage(Jail::class)) { /** * @var \OC\Files\Storage\Wrapper\Jail $sourceStorage -- cgit v1.2.3