more validation for containerName and blobKey to avoid access escape

jixinchi 2024-04-03 16:57:40 +08:00 committed by Andrew Gaul
parent c73660dac8
commit b0819e0ef5
3 changed files with 13 additions and 0 deletions


@ -38,6 +38,8 @@ public class FilesystemBlobKeyValidatorImpl extends FilesystemBlobKeyValidator {
//blobkey cannot start with / (or \ in Windows) character //blobkey cannot start with / (or \ in Windows) character
if (name.startsWith("\\") || name.startsWith("/")) if (name.startsWith("\\") || name.startsWith("/"))
throw new IllegalArgumentException("Blob key '" + name + "' cannot start with \\ or /"); throw new IllegalArgumentException("Blob key '" + name + "' cannot start with \\ or /");
if (name.contains("../"))
throw new IllegalArgumentException("Blob key '" + name + "' cannot contains ../");
} }
} }
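Review bot: The added `name.contains("../")` test matches one spelling of a parent-directory segment rather than the segment itself, so a key that is exactly `..`, that ends in `/..`, or that uses `\` as the separator on Windows is still accepted, while a harmless key such as `v1../x` is refused. Comparing whole segments is tighter, for example `for (String part : name.split("[/\\\\]")) if (part.equals("..")) throw new IllegalArgumentException("Blob key '" + name + "' cannot contain a .. path segment");`. Independently of the validator, the storage strategy could normalize the resolved file path and confirm it still starts with the base directory, which does not depend on listing every spelling. The message also reads "cannot contains", where "cannot contain" would match the container-name validator. The enclosing validate method starts outside the hunk.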


@ -38,6 +38,8 @@ public class FilesystemContainerNameValidatorImpl extends FilesystemContainerNam
//container name cannot contains / (or \ in Windows) character //container name cannot contains / (or \ in Windows) character
if (name.contains("\\") || name.contains("/")) if (name.contains("\\") || name.contains("/"))
throw new IllegalArgumentException("Container name '" + name + "' cannot contain \\ or /"); throw new IllegalArgumentException("Container name '" + name + "' cannot contain \\ or /");
if (name.equals(".") || name.equals(".."))
throw new IllegalArgumentException("Container name cannot be . or ..");
} }
} }
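Review bot: The new `.` / `..` check is the only test in this hunk without a comment saying why the name is refused, and the reason is less obvious than for the separator check above it. A line such as `//container name cannot be . or .. because those resolve outside the container's own directory` would record it; the path building is not visible in this file, so the wording should be confirmed against `buildPathStartingFromBaseDir`. The exception could also carry the rejected name as the neighbouring message does: `throw new IllegalArgumentException("Container name '" + name + "' cannot be . or ..");`. The enclosing validate method starts outside the hunk.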


@ -187,6 +187,7 @@ public class FilesystemStorageStrategyImpl implements LocalStorageStrategy {
@Override @Override
public ContainerAccess getContainerAccess(String container) { public ContainerAccess getContainerAccess(String container) {
filesystemContainerNameValidator.validate(container);
File file = new File(buildPathStartingFromBaseDir(container)); File file = new File(buildPathStartingFromBaseDir(container));
if (!file.exists()) { if (!file.exists()) {
throw new ContainerNotFoundException(container, "in getContainerAccess"); throw new ContainerNotFoundException(container, "in getContainerAccess");
@ -217,6 +218,7 @@ public class FilesystemStorageStrategyImpl implements LocalStorageStrategy {
@Override @Override
public void setContainerAccess(String container, ContainerAccess access) { public void setContainerAccess(String container, ContainerAccess access) {
filesystemContainerNameValidator.validate(container);
Path path = new File(buildPathStartingFromBaseDir(container)).toPath(); Path path = new File(buildPathStartingFromBaseDir(container)).toPath();
if ( isWindows() ) { if ( isWindows() ) {
@ -310,6 +312,7 @@ public class FilesystemStorageStrategyImpl implements LocalStorageStrategy {
@Override @Override
public StorageMetadata getContainerMetadata(String container) { public StorageMetadata getContainerMetadata(String container) {
filesystemContainerNameValidator.validate(container);
MutableStorageMetadata metadata = new MutableStorageMetadataImpl(); MutableStorageMetadata metadata = new MutableStorageMetadataImpl();
metadata.setName(container); metadata.setName(container);
metadata.setType(StorageType.CONTAINER); metadata.setType(StorageType.CONTAINER);
@ -378,6 +381,8 @@ public class FilesystemStorageStrategyImpl implements LocalStorageStrategy {
@Override @Override
public Blob getBlob(final String container, final String key) { public Blob getBlob(final String container, final String key) {
filesystemContainerNameValidator.validate(container);
filesystemBlobKeyValidator.validate(key);
BlobBuilder builder = blobBuilders.get(); BlobBuilder builder = blobBuilders.get();
builder.name(key); builder.name(key);
File file = getFileForBlobKey(container, key); File file = getFileForBlobKey(container, key);
@ -658,6 +663,8 @@ public class FilesystemStorageStrategyImpl implements LocalStorageStrategy {
@Override @Override
public BlobAccess getBlobAccess(String containerName, String blobName) { public BlobAccess getBlobAccess(String containerName, String blobName) {
filesystemContainerNameValidator.validate(containerName);
filesystemBlobKeyValidator.validate(blobName);
if (!new File(buildPathStartingFromBaseDir(containerName)).exists()) { if (!new File(buildPathStartingFromBaseDir(containerName)).exists()) {
throw new ContainerNotFoundException(containerName, "in getBlobAccess"); throw new ContainerNotFoundException(containerName, "in getBlobAccess");
} }
@ -691,6 +698,8 @@ public class FilesystemStorageStrategyImpl implements LocalStorageStrategy {
@Override @Override
public void setBlobAccess(String container, String name, BlobAccess access) { public void setBlobAccess(String container, String name, BlobAccess access) {
filesystemContainerNameValidator.validate(container);
filesystemBlobKeyValidator.validate(name);
Path path = new File(buildPathStartingFromBaseDir(container, name)).toPath(); Path path = new File(buildPathStartingFromBaseDir(container, name)).toPath();
if ( isWindows() ) { if ( isWindows() ) {
try { try {