From c15cb6cc7ac68e539dd3969e614be52e9a943ec7 Mon Sep 17 00:00:00 2001 From: Daniel Kirchner Date: Thu, 5 Apr 2018 14:25:14 +0200 Subject: Prevent information about file existence outside the allowed paths to leak by mimicing boost::filesystem::weakly_canonical. --- libdevcore/CommonIO.cpp | 20 ++++++++++++++++++++ libdevcore/CommonIO.h | 5 +++++ 2 files changed, 25 insertions(+) (limited to 'libdevcore') diff --git a/libdevcore/CommonIO.cpp b/libdevcore/CommonIO.cpp index 6526baf9..0063a8d4 100644 --- a/libdevcore/CommonIO.cpp +++ b/libdevcore/CommonIO.cpp @@ -167,3 +167,23 @@ int dev::readStandardInputChar() DisableConsoleBuffering disableConsoleBuffering; return cin.get(); } + +boost::filesystem::path dev::weaklyCanonicalFilesystemPath(boost::filesystem::path const &_path) +{ + if (boost::filesystem::exists(_path)) + return boost::filesystem::canonical(_path); + else + { + boost::filesystem::path head(_path); + boost::filesystem::path tail; + for (auto it = --_path.end(); !head.empty(); --it) + { + if (boost::filesystem::exists(head)) + break; + tail = (*it) / tail; + head.remove_filename(); + } + head = boost::filesystem::canonical(head); + return head / tail; + } +} diff --git a/libdevcore/CommonIO.h b/libdevcore/CommonIO.h index 3ecdb4c3..9ba68e74 100644 --- a/libdevcore/CommonIO.h +++ b/libdevcore/CommonIO.h @@ -25,6 +25,7 @@ #include #include +#include #include "Common.h" namespace dev @@ -57,4 +58,8 @@ std::string toString(_T const& _t) return o.str(); } +/// Partial implementation of boost::filesystem::weakly_canonical (available in boost>=1.60). +/// Should be replaced by the boost implementation as soon as support for boost<1.60 can be dropped. +boost::filesystem::path weaklyCanonicalFilesystemPath(boost::filesystem::path const &_path); + } -- cgit