From be2cf069ab854bd4079ccc8c1eafc8cb98ac654b Mon Sep 17 00:00:00 2001 From: Ferdinand Thiessen Date: Tue, 27 Aug 2024 14:06:23 +0200 Subject: [PATCH] fix: Allow read-only filename validation to allow reading files Needed to read files with the "Windows compatibility" feature. Signed-off-by: Ferdinand Thiessen --- apps/dav/lib/Connector/Sabre/Directory.php | 2 +- lib/private/Files/View.php | 13 ++++++++++++- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/apps/dav/lib/Connector/Sabre/Directory.php b/apps/dav/lib/Connector/Sabre/Directory.php index 427ec59bc3160..d56f56890cc7f 100644 --- a/apps/dav/lib/Connector/Sabre/Directory.php +++ b/apps/dav/lib/Connector/Sabre/Directory.php @@ -173,7 +173,7 @@ public function getChild($name, $info = null, ?IRequest $request = null, ?IL10N $path = $this->path . '/' . $name; if (is_null($info)) { try { - $this->fileView->verifyPath($this->path, $name); + $this->fileView->verifyPath($this->path, $name, true); $info = $this->fileView->getFileInfo($path); } catch (\OCP\Files\StorageNotAvailableException $e) { throw new \Sabre\DAV\Exception\ServiceUnavailable($e->getMessage(), 0, $e); diff --git a/lib/private/Files/View.php b/lib/private/Files/View.php index 0e5e433ccb689..d8b240d5b11ce 100644 --- a/lib/private/Files/View.php +++ b/lib/private/Files/View.php @@ -1826,15 +1826,26 @@ private function getPartFileInfo(string $path): \OC\Files\FileInfo { /** * @param string $path * @param string $fileName + * @param bool $readonly Check only if the path is allowed for read-only access * @throws InvalidPathException */ - public function verifyPath($path, $fileName): void { + public function verifyPath($path, $fileName, $readonly = false): void { // All of the view's functions disallow '..' in the path so we can short cut if the path is invalid if (!Filesystem::isValidPath($path ?: '/')) { $l = \OCP\Util::getL10N('lib'); throw new InvalidPathException($l->t('Path contains invalid segments')); } + // Short cut for read-only validation + if ($readonly) { + $validator = \OCP\Server::get(FilenameValidator::class); + if ($validator->isForbidden($fileName)) { + $l = \OCP\Util::getL10N('lib'); + throw new InvalidPathException($l->t('Filename is a reserved word')); + } + return; + } + try { /** @type \OCP\Files\Storage $storage */ [$storage, $internalPath] = $this->resolvePath($path);