ReactOS 0.4.16-dev-2207-geb15453
Classes | Macros | Functions | Variables
security.c File Reference
#include "libxslt.h"
#include <string.h>
#include <libxml/xmlmemory.h>
#include <libxml/parser.h>
#include <libxml/uri.h>
#include "xslt.h"
#include "xsltInternals.h"
#include "xsltutils.h"
#include "extensions.h"
#include "security.h"
Include dependency graph for security.c:

Go to the source code of this file.

Classes

struct  _xsltSecurityPrefs
 

Macros

#define IN_LIBXSLT
 

Functions

xsltSecurityPrefsPtr xsltNewSecurityPrefs (void)
 
void xsltFreeSecurityPrefs (xsltSecurityPrefsPtr sec)
 
int xsltSetSecurityPrefs (xsltSecurityPrefsPtr sec, xsltSecurityOption option, xsltSecurityCheck func)
 
xsltSecurityCheck xsltGetSecurityPrefs (xsltSecurityPrefsPtr sec, xsltSecurityOption option)
 
void xsltSetDefaultSecurityPrefs (xsltSecurityPrefsPtr sec)
 
xsltSecurityPrefsPtr xsltGetDefaultSecurityPrefs (void)
 
int xsltSetCtxtSecurityPrefs (xsltSecurityPrefsPtr sec, xsltTransformContextPtr ctxt)
 
int xsltSecurityAllow (xsltSecurityPrefsPtr sec ATTRIBUTE_UNUSED, xsltTransformContextPtr ctxt ATTRIBUTE_UNUSED, const char *value ATTRIBUTE_UNUSED)
 
int xsltSecurityForbid (xsltSecurityPrefsPtr sec ATTRIBUTE_UNUSED, xsltTransformContextPtr ctxt ATTRIBUTE_UNUSED, const char *value ATTRIBUTE_UNUSED)
 
static int xsltCheckFilename (const char *path)
 
static int xsltCheckWritePath (xsltSecurityPrefsPtr sec, xsltTransformContextPtr ctxt, const char *path)
 
int xsltCheckWrite (xsltSecurityPrefsPtr sec, xsltTransformContextPtr ctxt, const xmlChar *URL)
 
int xsltCheckRead (xsltSecurityPrefsPtr sec, xsltTransformContextPtr ctxt, const xmlChar *URL)
 

Variables

static xsltSecurityPrefsPtr xsltDefaultSecurityPrefs = NULL
 

Macro Definition Documentation

◆ IN_LIBXSLT

#define IN_LIBXSLT

Definition at line 9 of file security.c.

Function Documentation

◆ xsltCheckFilename()

static int xsltCheckFilename ( const char path)
static

xsltCheckFilename @path: the path to check

function checks to see if @path is a valid source (file, socket...) for XML.

TODO: remove at some point !!! Local copy of xmlCheckFilename to avoid a hard dependency on a new version of libxml2

if stat is not available on the target machine, returns 1. if stat fails, returns 0 (if calling stat on the filename fails, it can't be right). if stat succeeds and the file is a directory, returns 2. otherwise returns 1.

Definition at line 262 of file security.c.

263{
264#ifdef HAVE_STAT
265 struct stat stat_buffer;
266#if defined(_WIN32)
267 DWORD dwAttrs;
268
269 dwAttrs = GetFileAttributesA(path);
270 if (dwAttrs != INVALID_FILE_ATTRIBUTES) {
271 if (dwAttrs & FILE_ATTRIBUTE_DIRECTORY) {
272 return 2;
273 }
274 }
275#endif
276
277 if (stat(path, &stat_buffer) == -1)
278 return 0;
279
280#ifdef S_ISDIR
281 if (S_ISDIR(stat_buffer.st_mode)) {
282 return 2;
283 }
284#endif
285#endif
286 return 1;
287}
stat
#define stat
Definition: acwin.h:99
S_ISDIR
#define S_ISDIR(mode)
Definition: various.h:18
GetFileAttributesA
DWORD WINAPI GetFileAttributesA(LPCSTR lpFileName)
Definition: fileinfo.c:636
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
FILE_ATTRIBUTE_DIRECTORY
#define FILE_ATTRIBUTE_DIRECTORY
Definition: nt_native.h:705
stat
Definition: stat.h:66
INVALID_FILE_ATTRIBUTES
#define INVALID_FILE_ATTRIBUTES
Definition: vfdcmd.c:23

Referenced by xsltCheckWritePath().

◆ xsltCheckRead()

int xsltCheckRead ( xsltSecurityPrefsPtr  sec,
xsltTransformContextPtr  ctxt,
const xmlChar URL 
)

xsltCheckRead: @sec: the security options @ctxt: an XSLT transformation context @URL: the resource to be read

Check if the resource is allowed to be read

Return 1 if read is allowed, 0 if not and -1 in case or error.

Definition at line 419 of file security.c.

420 {
421 int ret;
422 xmlURIPtr uri;
423 xsltSecurityCheck check;
424
425 if (xmlStrstr(URL, BAD_CAST "://") == NULL) {
426 check = xsltGetSecurityPrefs(sec, XSLT_SECPREF_READ_FILE);
427 if (check != NULL) {
428 ret = check(sec, ctxt, (const char *) URL);
429 if (ret == 0) {
430 xsltTransformError(ctxt, NULL, NULL,
431 "Local file read for %s refused\n", URL);
432 return(0);
433 }
434 }
435 return(1);
436 }
437
438 uri = xmlParseURI((const char *)URL);
439 if (uri == NULL) {
440 xsltTransformError(ctxt, NULL, NULL,
441 "xsltCheckRead: URL parsing failed for %s\n",
442 URL);
443 return(-1);
444 }
445 if ((uri->scheme == NULL) ||
446 (xmlStrEqual(BAD_CAST uri->scheme, BAD_CAST "file"))) {
447
448 /*
449 * Check if we are allowed to read this file
450 */
451 check = xsltGetSecurityPrefs(sec, XSLT_SECPREF_READ_FILE);
452 if (check != NULL) {
453 ret = check(sec, ctxt, uri->path);
454 if (ret == 0) {
455 xsltTransformError(ctxt, NULL, NULL,
456 "Local file read for %s refused\n", URL);
457 xmlFreeURI(uri);
458 return(0);
459 }
460 }
461 } else {
462 /*
463 * Check if we are allowed to write this network resource
464 */
465 check = xsltGetSecurityPrefs(sec, XSLT_SECPREF_READ_NETWORK);
466 if (check != NULL) {
467 ret = check(sec, ctxt, (const char *)URL);
468 if (ret == 0) {
469 xsltTransformError(ctxt, NULL, NULL,
470 "Network file read for %s refused\n", URL);
471 xmlFreeURI(uri);
472 return(0);
473 }
474 }
475 }
476 xmlFreeURI(uri);
477 return(1);
478}
NULL
#define NULL
Definition: types.h:112
xsltGetSecurityPrefs
xsltSecurityCheck xsltGetSecurityPrefs(xsltSecurityPrefsPtr sec, xsltSecurityOption option)
Definition: security.c:142
xsltSecurityCheck
int(* xsltSecurityCheck)(xsltSecurityPrefsPtr sec, xsltTransformContextPtr ctxt, const char *value)
Definition: security.h:51
XSLT_SECPREF_READ_NETWORK
@ XSLT_SECPREF_READ_NETWORK
Definition: security.h:41
XSLT_SECPREF_READ_FILE
@ XSLT_SECPREF_READ_FILE
Definition: security.h:38
check
#define check(expected, result)
Definition: dplayx.c:32
ret
return ret
Definition: mutex.c:146
uri
const char * uri
Definition: sec_mgr.c:1588
_xmlURI
Definition: uri.h:34
xmlFreeURI
XMLPUBFUN void xmlFreeURI(xmlURIPtr uri)
Definition: uri.c:1396
xmlParseURI
XMLPUBFUN xmlURIPtr xmlParseURI(const char *str)
Definition: uri.c:947
xmlStrstr
XMLPUBFUN const xmlChar * xmlStrstr(const xmlChar *str, const xmlChar *val)
Definition: xmlstring.c:347
BAD_CAST
#define BAD_CAST
Definition: xmlstring.h:35
xmlStrEqual
XMLPUBFUN int xmlStrEqual(const xmlChar *str1, const xmlChar *str2)
Definition: xmlstring.c:162
xsltTransformError
void xsltTransformError(xsltTransformContextPtr ctxt, xsltStylesheetPtr style, xmlNodePtr node, const char *msg,...)
Definition: xsltutils.c:762

Referenced by xsltLoadDocument(), xsltLoadStyleDocument(), xsltParseStylesheetFile(), and xsltParseStylesheetImport().

◆ xsltCheckWrite()

int xsltCheckWrite ( xsltSecurityPrefsPtr  sec,
xsltTransformContextPtr  ctxt,
const xmlChar URL 
)

xsltCheckWrite: @sec: the security options @ctxt: an XSLT transformation context @URL: the resource to be written

Check if the resource is allowed to be written, if necessary makes some preliminary work like creating directories

Return 1 if write is allowed, 0 if not and -1 in case or error.

Definition at line 352 of file security.c.

353 {
354 int ret;
355 xmlURIPtr uri;
356 xsltSecurityCheck check;
357
358 uri = xmlParseURI((const char *)URL);
359 if (uri == NULL) {
360 uri = xmlCreateURI();
361 if (uri == NULL) {
362 xsltTransformError(ctxt, NULL, NULL,
363 "xsltCheckWrite: out of memory for %s\n", URL);
364 return(-1);
365 }
366 uri->path = (char *)xmlStrdup(URL);
367 }
368 if ((uri->scheme == NULL) ||
369 (xmlStrEqual(BAD_CAST uri->scheme, BAD_CAST "file"))) {
370
371#if defined(_WIN32)
372 if ((uri->path)&&(uri->path[0]=='/')&&
373 (uri->path[1]!='\0')&&(uri->path[2]==':'))
374 ret = xsltCheckWritePath(sec, ctxt, uri->path+1);
375 else
376#endif
377 {
378 /*
379 * Check if we are allowed to write this file
380 */
381 ret = xsltCheckWritePath(sec, ctxt, uri->path);
382 }
383
384 if (ret <= 0) {
385 xmlFreeURI(uri);
386 return(ret);
387 }
388 } else {
389 /*
390 * Check if we are allowed to write this network resource
391 */
392 check = xsltGetSecurityPrefs(sec, XSLT_SECPREF_WRITE_NETWORK);
393 if (check != NULL) {
394 ret = check(sec, ctxt, (const char *)URL);
395 if (ret == 0) {
396 xsltTransformError(ctxt, NULL, NULL,
397 "File write for %s refused\n", URL);
398 xmlFreeURI(uri);
399 return(0);
400 }
401 }
402 }
403 xmlFreeURI(uri);
404 return(1);
405}
xsltCheckWritePath
static int xsltCheckWritePath(xsltSecurityPrefsPtr sec, xsltTransformContextPtr ctxt, const char *path)
Definition: security.c:290
XSLT_SECPREF_WRITE_NETWORK
@ XSLT_SECPREF_WRITE_NETWORK
Definition: security.h:42
xmlCreateURI
XMLPUBFUN xmlURIPtr xmlCreateURI(void)
Definition: uri.c:1027
xmlStrdup
XMLPUBFUN xmlChar * xmlStrdup(const xmlChar *cur)
Definition: xmlstring.c:69

Referenced by xsltApplyStylesheetInternal(), and xsltDocumentElem().

◆ xsltCheckWritePath()

static int xsltCheckWritePath ( xsltSecurityPrefsPtr  sec,
xsltTransformContextPtr  ctxt,
const char path 
)
static

Definition at line 290 of file security.c.

293{
294 int ret;
295 xsltSecurityCheck check;
296 char *directory;
297
298 check = xsltGetSecurityPrefs(sec, XSLT_SECPREF_WRITE_FILE);
299 if (check != NULL) {
300 ret = check(sec, ctxt, path);
301 if (ret == 0) {
302 xsltTransformError(ctxt, NULL, NULL,
303 "File write for %s refused\n", path);
304 return(0);
305 }
306 }
307
308 directory = xmlParserGetDirectory (path);
309
310 if (directory != NULL) {
311 ret = xsltCheckFilename(directory);
312 if (ret == 0) {
313 /*
314 * The directory doesn't exist check for creation
315 */
316 check = xsltGetSecurityPrefs(sec,
317 XSLT_SECPREF_CREATE_DIRECTORY);
318 if (check != NULL) {
319 ret = check(sec, ctxt, directory);
320 if (ret == 0) {
321 xsltTransformError(ctxt, NULL, NULL,
322 "Directory creation for %s refused\n",
323 path);
324 xmlFree(directory);
325 return(0);
326 }
327 }
328 ret = xsltCheckWritePath(sec, ctxt, directory);
329 if (ret == 1)
330 ret = mkdir(directory, 0755);
331 }
332 xmlFree(directory);
333 if (ret < 0)
334 return(ret);
335 }
336
337 return(1);
338}
mkdir
#define mkdir
Definition: acwin.h:101
xsltCheckFilename
static int xsltCheckFilename(const char *path)
Definition: security.c:262
XSLT_SECPREF_CREATE_DIRECTORY
@ XSLT_SECPREF_CREATE_DIRECTORY
Definition: security.h:40
XSLT_SECPREF_WRITE_FILE
@ XSLT_SECPREF_WRITE_FILE
Definition: security.h:39
xmlFree
xmlFreeFunc xmlFree
Definition: globals.c:184
xmlParserGetDirectory
XMLPUBFUN char * xmlParserGetDirectory(const char *filename)

Referenced by xsltCheckWrite(), and xsltCheckWritePath().

◆ xsltFreeSecurityPrefs()

void xsltFreeSecurityPrefs ( xsltSecurityPrefsPtr  sec)

xsltFreeSecurityPrefs: @sec: the security block to free

Free up a security preference block

Definition at line 95 of file security.c.

95 {
96 if (sec == NULL)
97 return;
98 xmlFree(sec);
99}

◆ xsltGetDefaultSecurityPrefs()

xsltSecurityPrefsPtr xsltGetDefaultSecurityPrefs ( void  )

xsltGetDefaultSecurityPrefs:

Get the default security preference application-wide

Returns the current xsltSecurityPrefsPtr in use or NULL if none

Definition at line 180 of file security.c.

180 {
181 return(xsltDefaultSecurityPrefs);
182}
xsltDefaultSecurityPrefs
static xsltSecurityPrefsPtr xsltDefaultSecurityPrefs
Definition: security.c:57

Referenced by xsltLoadStyleDocument(), xsltNewTransformContext(), xsltParseStylesheetFile(), and xsltParseStylesheetImport().

◆ xsltGetSecurityPrefs()

xsltSecurityCheck xsltGetSecurityPrefs ( xsltSecurityPrefsPtr  sec,
xsltSecurityOption  option 
)

xsltGetSecurityPrefs: @sec: the security block to update @option: the option to lookup

Lookup the security option to get the callback checking function

Returns NULL if not found, the function otherwise

Definition at line 142 of file security.c.

142 {
143 if (sec == NULL)
144 return(NULL);
145 switch (option) {
146 case XSLT_SECPREF_READ_FILE:
147 return(sec->readFile);
148 case XSLT_SECPREF_WRITE_FILE:
149 return(sec->createFile);
150 case XSLT_SECPREF_CREATE_DIRECTORY:
151 return(sec->createDir);
152 case XSLT_SECPREF_READ_NETWORK:
153 return(sec->readNet);
154 case XSLT_SECPREF_WRITE_NETWORK:
155 return(sec->writeNet);
156 }
157 return(NULL);
158}
_xsltSecurityPrefs::readFile
xsltSecurityCheck readFile
Definition: security.c:50
_xsltSecurityPrefs::createFile
xsltSecurityCheck createFile
Definition: security.c:51
_xsltSecurityPrefs::createDir
xsltSecurityCheck createDir
Definition: security.c:52
_xsltSecurityPrefs::readNet
xsltSecurityCheck readNet
Definition: security.c:53
_xsltSecurityPrefs::writeNet
xsltSecurityCheck writeNet
Definition: security.c:54
option
Definition: getopt.h:109

Referenced by xsltCheckRead(), xsltCheckWrite(), and xsltCheckWritePath().

◆ xsltNewSecurityPrefs()

xsltSecurityPrefsPtr xsltNewSecurityPrefs ( void  )

xsltNewSecurityPrefs:

Create a new security preference block

Returns a pointer to the new block or NULL in case of error

Definition at line 73 of file security.c.

73 {
74 xsltSecurityPrefsPtr ret;
75
76 xsltInitGlobals();
77
78 ret = (xsltSecurityPrefsPtr) xmlMalloc(sizeof(xsltSecurityPrefs));
79 if (ret == NULL) {
80 xsltTransformError(NULL, NULL, NULL,
81 "xsltNewSecurityPrefs : malloc failed\n");
82 return(NULL);
83 }
84 memset(ret, 0, sizeof(xsltSecurityPrefs));
85 return(ret);
86}
xsltInitGlobals
void xsltInitGlobals(void)
Definition: extensions.c:2282
xsltSecurityPrefsPtr
xsltSecurityPrefs * xsltSecurityPrefsPtr
Definition: security.h:30
xmlMalloc
xmlMallocFunc xmlMalloc
Definition: globals.c:193
memset
#define memset(x, y, z)
Definition: compat.h:39
_xsltSecurityPrefs
Definition: security.c:49

◆ xsltSecurityAllow()

int xsltSecurityAllow ( xsltSecurityPrefsPtr sec  ATTRIBUTE_UNUSED,
xsltTransformContextPtr ctxt  ATTRIBUTE_UNUSED,
const char *value  ATTRIBUTE_UNUSED 
)

xsltSecurityAllow: @sec: the security block to use @ctxt: an XSLT transformation context @value: unused

Function used to always allow an operation

Returns 1 always

Definition at line 214 of file security.c.

216 {
217 return(1);
218}

◆ xsltSecurityForbid()

int xsltSecurityForbid ( xsltSecurityPrefsPtr sec  ATTRIBUTE_UNUSED,
xsltTransformContextPtr ctxt  ATTRIBUTE_UNUSED,
const char *value  ATTRIBUTE_UNUSED 
)

xsltSecurityForbid: @sec: the security block to use @ctxt: an XSLT transformation context @value: unused

Function used to always forbid an operation

Returns 0 always

Definition at line 231 of file security.c.

233 {
234 return(0);
235}

◆ xsltSetCtxtSecurityPrefs()

int xsltSetCtxtSecurityPrefs ( xsltSecurityPrefsPtr  sec,
xsltTransformContextPtr  ctxt 
)

xsltSetCtxtSecurityPrefs: @sec: the security block to use @ctxt: an XSLT transformation context

Set the security preference for a specific transformation

Returns -1 in case of error, 0 otherwise

Definition at line 194 of file security.c.

195 {
196 if (ctxt == NULL)
197 return(-1);
198 ctxt->sec = (void *) sec;
199 return(0);
200}
_xsltTransformContext::sec
void * sec
Definition: xsltInternals.h:1741

◆ xsltSetDefaultSecurityPrefs()

void xsltSetDefaultSecurityPrefs ( xsltSecurityPrefsPtr  sec)

xsltSetDefaultSecurityPrefs: @sec: the security block to use

Set the default security preference application-wide

Definition at line 167 of file security.c.

167 {
168
169 xsltDefaultSecurityPrefs = sec;
170}

◆ xsltSetSecurityPrefs()

int xsltSetSecurityPrefs ( xsltSecurityPrefsPtr  sec,
xsltSecurityOption  option,
xsltSecurityCheck  func 
)

xsltSetSecurityPrefs: @sec: the security block to update @option: the option to update @func: the user callback to use for this option

Update the security option to use the new callback checking function

Returns -1 in case of error, 0 otherwise

Definition at line 112 of file security.c.

113 {
114 xsltInitGlobals();
115 if (sec == NULL)
116 return(-1);
117 switch (option) {
118 case XSLT_SECPREF_READ_FILE:
119 sec->readFile = func; return(0);
120 case XSLT_SECPREF_WRITE_FILE:
121 sec->createFile = func; return(0);
122 case XSLT_SECPREF_CREATE_DIRECTORY:
123 sec->createDir = func; return(0);
124 case XSLT_SECPREF_READ_NETWORK:
125 sec->readNet = func; return(0);
126 case XSLT_SECPREF_WRITE_NETWORK:
127 sec->writeNet = func; return(0);
128 }
129 return(-1);
130}
func
GLenum func
Definition: glext.h:6028

Variable Documentation

◆ xsltDefaultSecurityPrefs

xsltSecurityPrefsPtr xsltDefaultSecurityPrefs = NULL
static

Definition at line 57 of file security.c.

Referenced by xsltGetDefaultSecurityPrefs(), and xsltSetDefaultSecurityPrefs().