Changeset 7137


Ignore:
Timestamp:
Apr 22, 2016, 1:31:25 PM (7 years ago)
Author:
Nicklas Nordborg
Message:

Fixes #2003: The static cache should not allow cache keys containing '../'

The validation of keys now include a check for '../'.

As an extra safety the canonical path of the files created from the keys are verified to be sub-paths to the root path of the cache.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • branches/3.7-stable/src/core/net/sf/basedb/util/StaticCache.java

    r6898 r7137  
    4646import java.util.regex.Pattern;
    4747
     48import net.sf.basedb.core.BaseException;
    4849import net.sf.basedb.core.InvalidDataException;
    4950
     
    8990  public static boolean isValidKey(String key)
    9091  {
    91     return validKey.matcher(key).matches();
     92    return validKey.matcher(key).matches() && !key.contains("../");
    9293  }
    9394 
     
    103104  {
    104105    Pattern invalid = Pattern.compile("[^\\w\\/\\.\\-]");
    105     return invalid.matcher(key).replaceAll(replacement);
     106    return invalid.matcher(key).replaceAll(replacement).replace("../", replacement);
    106107  }
    107108 
    108109  private final File root;
     110  private final String rootPath;
    109111  private final Map<String, LockEntry> locks;
    110112  private boolean disabled;
     
    118120  {
    119121    this.root = root;
     122    try
     123    {
     124      this.rootPath = root.getCanonicalPath();
     125    }
     126    catch (IOException ex)
     127    {
     128      throw new BaseException(ex);
     129    }
    120130    this.locks = new WeakHashMap<String, LockEntry>();
    121131    log.info("Creating static cache in directory " + root);
     
    216226  {
    217227    validateKey(key);
    218     File f = new File(root, key);
     228    File f = fileFromKey(key);
    219229    return f.exists();
    220230  }
     
    229239  {
    230240    validateKey(key);
    231     File f = new File(root, key);
     241    File f = fileFromKey(key);
    232242    return f.exists() ? f.length() : -1;
    233243  }
     
    452462    validateKey(key);
    453463    log.debug("Delete request for static cache: " + key);
    454     File f = new File(root, key);
     464    File f = fileFromKey(key);
    455465    if (!f.exists())
    456466    {
     
    478488  }
    479489 
     490  private File fileFromKey(String key)
     491  {
     492    File f = new File(root, key);
     493    // The key must result in a file path that is a child to the root path!
     494    try
     495    {
     496      String keyPath = f.getCanonicalPath();
     497      if (!keyPath.startsWith(rootPath))
     498      {
     499        throw new InvalidDataException("Invalid path to cache entry: "+ keyPath);
     500      }
     501    }
     502    catch (IOException ex)
     503    {
     504      throw new InvalidDataException("Invalid cache key: "+ key, ex);
     505    }
     506    return f;
     507  }
     508 
    480509  /**
    481510    Get a lock-safe input stream.
     
    486515    validateKey(key);
    487516    log.debug("Read request for static cache: " + key);
    488     File f = new File(root, key);
     517    File f = fileFromKey(key);
    489518    if (!f.exists())
    490519    {
     
    523552    try
    524553    {
    525       File f = new File(root, key);
     554      File f = fileFromKey(key);
    526555      File dir = f.getParentFile();
    527556      if (!dir.mkdirs() && !dir.isDirectory())
Note: See TracChangeset for help on using the changeset viewer.