ReactOS 0.4.16-dev-1494-gd054f63
security.c
Go to the documentation of this file.
1/*
2 * security.c: Implementation of the XSLT security framework
3 *
4 * See Copyright for the status of this software.
5 *
6 * daniel@veillard.com
7 */
8
9#include "precomp.h"
10
11#ifdef HAVE_SYS_STAT_H
12#include <sys/stat.h>
13#endif
14
15#if defined(_WIN32)
16#ifndef INVALID_FILE_ATTRIBUTES
17#define INVALID_FILE_ATTRIBUTES ((DWORD)-1)
18#endif
19#endif
20
21#ifndef HAVE_STAT
22# ifdef HAVE__STAT
23 /* MS C library seems to define stat and _stat. The definition
24 * is identical. Still, mapping them to each other causes a warning. */
25# ifndef _MSC_VER
26# define stat(x,y) _stat(x,y)
27# endif
28# define HAVE_STAT
29# endif
30#endif
31
32struct _xsltSecurityPrefs {
33 xsltSecurityCheck readFile;
34 xsltSecurityCheck createFile;
35 xsltSecurityCheck createDir;
36 xsltSecurityCheck readNet;
37 xsltSecurityCheck writeNet;
38};
39
40static xsltSecurityPrefsPtr xsltDefaultSecurityPrefs = NULL;
41
42/************************************************************************
43 * *
44 * Module interfaces *
45 * *
46 ************************************************************************/
47
55xsltSecurityPrefsPtr
56xsltNewSecurityPrefs(void) {
57 xsltSecurityPrefsPtr ret;
58
59 xsltInitGlobals();
60
61 ret = (xsltSecurityPrefsPtr) xmlMalloc(sizeof(xsltSecurityPrefs));
62 if (ret == NULL) {
63 xsltTransformError(NULL, NULL, NULL,
64 "xsltNewSecurityPrefs : malloc failed\n");
65 return(NULL);
66 }
67 memset(ret, 0, sizeof(xsltSecurityPrefs));
68 return(ret);
69}
70
77void
78xsltFreeSecurityPrefs(xsltSecurityPrefsPtr sec) {
79 if (sec == NULL)
80 return;
81 xmlFree(sec);
82}
83
94int
95xsltSetSecurityPrefs(xsltSecurityPrefsPtr sec, xsltSecurityOption option,
96 xsltSecurityCheck func) {
97 xsltInitGlobals();
98 if (sec == NULL)
99 return(-1);
100 switch (option) {
101 case XSLT_SECPREF_READ_FILE:
102 sec->readFile = func; return(0);
103 case XSLT_SECPREF_WRITE_FILE:
104 sec->createFile = func; return(0);
105 case XSLT_SECPREF_CREATE_DIRECTORY:
106 sec->createDir = func; return(0);
107 case XSLT_SECPREF_READ_NETWORK:
108 sec->readNet = func; return(0);
109 case XSLT_SECPREF_WRITE_NETWORK:
110 sec->writeNet = func; return(0);
111 }
112 return(-1);
113}
114
124xsltSecurityCheck
125xsltGetSecurityPrefs(xsltSecurityPrefsPtr sec, xsltSecurityOption option) {
126 if (sec == NULL)
127 return(NULL);
128 switch (option) {
129 case XSLT_SECPREF_READ_FILE:
130 return(sec->readFile);
131 case XSLT_SECPREF_WRITE_FILE:
132 return(sec->createFile);
133 case XSLT_SECPREF_CREATE_DIRECTORY:
134 return(sec->createDir);
135 case XSLT_SECPREF_READ_NETWORK:
136 return(sec->readNet);
137 case XSLT_SECPREF_WRITE_NETWORK:
138 return(sec->writeNet);
139 }
140 return(NULL);
141}
142
149void
150xsltSetDefaultSecurityPrefs(xsltSecurityPrefsPtr sec) {
151
152 xsltDefaultSecurityPrefs = sec;
153}
154
162xsltSecurityPrefsPtr
163xsltGetDefaultSecurityPrefs(void) {
164 return(xsltDefaultSecurityPrefs);
165}
166
176int
177xsltSetCtxtSecurityPrefs(xsltSecurityPrefsPtr sec,
178 xsltTransformContextPtr ctxt) {
179 if (ctxt == NULL)
180 return(-1);
181 ctxt->sec = (void *) sec;
182 return(0);
183}
184
185
196int
197xsltSecurityAllow(xsltSecurityPrefsPtr sec ATTRIBUTE_UNUSED,
198 xsltTransformContextPtr ctxt ATTRIBUTE_UNUSED,
199 const char *value ATTRIBUTE_UNUSED) {
200 return(1);
201}
202
213int
214xsltSecurityForbid(xsltSecurityPrefsPtr sec ATTRIBUTE_UNUSED,
215 xsltTransformContextPtr ctxt ATTRIBUTE_UNUSED,
216 const char *value ATTRIBUTE_UNUSED) {
217 return(0);
218}
219
220/************************************************************************
221 * *
222 * Internal interfaces *
223 * *
224 ************************************************************************/
225
244static int
245xsltCheckFilename (const char *path)
246{
247#ifdef HAVE_STAT
248 struct stat stat_buffer;
249#if defined(_WIN32)
250 DWORD dwAttrs;
251
252 dwAttrs = GetFileAttributesA(path);
253 if (dwAttrs != INVALID_FILE_ATTRIBUTES) {
254 if (dwAttrs & FILE_ATTRIBUTE_DIRECTORY) {
255 return 2;
256 }
257 }
258#endif
259
260 if (stat(path, &stat_buffer) == -1)
261 return 0;
262
263#ifdef S_ISDIR
264 if (S_ISDIR(stat_buffer.st_mode)) {
265 return 2;
266 }
267#endif
268#endif
269 return 1;
270}
271
272static int
273xsltCheckWritePath(xsltSecurityPrefsPtr sec,
274 xsltTransformContextPtr ctxt,
275 const char *path)
276{
277 int ret;
278 xsltSecurityCheck check;
279 char *directory;
280
281 check = xsltGetSecurityPrefs(sec, XSLT_SECPREF_WRITE_FILE);
282 if (check != NULL) {
283 ret = check(sec, ctxt, path);
284 if (ret == 0) {
285 xsltTransformError(ctxt, NULL, NULL,
286 "File write for %s refused\n", path);
287 return(0);
288 }
289 }
290
291 directory = xmlParserGetDirectory (path);
292
293 if (directory != NULL) {
294 ret = xsltCheckFilename(directory);
295 if (ret == 0) {
296 /*
297 * The directory doesn't exist check for creation
298 */
299 check = xsltGetSecurityPrefs(sec,
300 XSLT_SECPREF_CREATE_DIRECTORY);
301 if (check != NULL) {
302 ret = check(sec, ctxt, directory);
303 if (ret == 0) {
304 xsltTransformError(ctxt, NULL, NULL,
305 "Directory creation for %s refused\n",
306 path);
307 xmlFree(directory);
308 return(0);
309 }
310 }
311 ret = xsltCheckWritePath(sec, ctxt, directory);
312 if (ret == 1)
313 ret = mkdir(directory, 0755);
314 }
315 xmlFree(directory);
316 if (ret < 0)
317 return(ret);
318 }
319
320 return(1);
321}
322
334int
335xsltCheckWrite(xsltSecurityPrefsPtr sec,
336 xsltTransformContextPtr ctxt, const xmlChar *URL) {
337 int ret;
338 xmlURIPtr uri;
339 xsltSecurityCheck check;
340
341 uri = xmlParseURI((const char *)URL);
342 if (uri == NULL) {
343 uri = xmlCreateURI();
344 if (uri == NULL) {
345 xsltTransformError(ctxt, NULL, NULL,
346 "xsltCheckWrite: out of memory for %s\n", URL);
347 return(-1);
348 }
349 uri->path = (char *)xmlStrdup(URL);
350 }
351 if ((uri->scheme == NULL) ||
352 (xmlStrEqual(BAD_CAST uri->scheme, BAD_CAST "file"))) {
353
354#if defined(_WIN32)
355 if ((uri->path)&&(uri->path[0]=='/')&&
356 (uri->path[1]!='\0')&&(uri->path[2]==':'))
357 ret = xsltCheckWritePath(sec, ctxt, uri->path+1);
358 else
359#endif
360 {
361 /*
362 * Check if we are allowed to write this file
363 */
364 ret = xsltCheckWritePath(sec, ctxt, uri->path);
365 }
366
367 if (ret <= 0) {
368 xmlFreeURI(uri);
369 return(ret);
370 }
371 } else {
372 /*
373 * Check if we are allowed to write this network resource
374 */
375 check = xsltGetSecurityPrefs(sec, XSLT_SECPREF_WRITE_NETWORK);
376 if (check != NULL) {
377 ret = check(sec, ctxt, (const char *)URL);
378 if (ret == 0) {
379 xsltTransformError(ctxt, NULL, NULL,
380 "File write for %s refused\n", URL);
381 xmlFreeURI(uri);
382 return(0);
383 }
384 }
385 }
386 xmlFreeURI(uri);
387 return(1);
388}
389
390
401int
402xsltCheckRead(xsltSecurityPrefsPtr sec,
403 xsltTransformContextPtr ctxt, const xmlChar *URL) {
404 int ret;
405 xmlURIPtr uri;
406 xsltSecurityCheck check;
407
408 uri = xmlParseURI((const char *)URL);
409 if (uri == NULL) {
410 xsltTransformError(ctxt, NULL, NULL,
411 "xsltCheckRead: URL parsing failed for %s\n",
412 URL);
413 return(-1);
414 }
415 if ((uri->scheme == NULL) ||
416 (xmlStrEqual(BAD_CAST uri->scheme, BAD_CAST "file"))) {
417
418 /*
419 * Check if we are allowed to read this file
420 */
421 check = xsltGetSecurityPrefs(sec, XSLT_SECPREF_READ_FILE);
422 if (check != NULL) {
423 ret = check(sec, ctxt, uri->path);
424 if (ret == 0) {
425 xsltTransformError(ctxt, NULL, NULL,
426 "Local file read for %s refused\n", URL);
427 xmlFreeURI(uri);
428 return(0);
429 }
430 }
431 } else {
432 /*
433 * Check if we are allowed to write this network resource
434 */
435 check = xsltGetSecurityPrefs(sec, XSLT_SECPREF_READ_NETWORK);
436 if (check != NULL) {
437 ret = check(sec, ctxt, (const char *)URL);
438 if (ret == 0) {
439 xsltTransformError(ctxt, NULL, NULL,
440 "Network file read for %s refused\n", URL);
441 xmlFreeURI(uri);
442 return(0);
443 }
444 }
445 }
446 xmlFreeURI(uri);
447 return(1);
448}
449
xsltInitGlobals
void xsltInitGlobals(void)
Definition: extensions.c:2257
stat
#define stat
Definition: acwin.h:99
mkdir
#define mkdir
Definition: acwin.h:101
S_ISDIR
#define S_ISDIR(mode)
Definition: various.h:18
NULL
#define NULL
Definition: types.h:112
xsltSetDefaultSecurityPrefs
void xsltSetDefaultSecurityPrefs(xsltSecurityPrefsPtr sec)
Definition: security.c:150
xsltGetSecurityPrefs
xsltSecurityCheck xsltGetSecurityPrefs(xsltSecurityPrefsPtr sec, xsltSecurityOption option)
Definition: security.c:125
xsltSetSecurityPrefs
int xsltSetSecurityPrefs(xsltSecurityPrefsPtr sec, xsltSecurityOption option, xsltSecurityCheck func)
Definition: security.c:95
xsltCheckWritePath
static int xsltCheckWritePath(xsltSecurityPrefsPtr sec, xsltTransformContextPtr ctxt, const char *path)
Definition: security.c:273
xsltFreeSecurityPrefs
void xsltFreeSecurityPrefs(xsltSecurityPrefsPtr sec)
Definition: security.c:78
xsltSecurityForbid
int xsltSecurityForbid(xsltSecurityPrefsPtr sec ATTRIBUTE_UNUSED, xsltTransformContextPtr ctxt ATTRIBUTE_UNUSED, const char *value ATTRIBUTE_UNUSED)
Definition: security.c:214
xsltCheckWrite
int xsltCheckWrite(xsltSecurityPrefsPtr sec, xsltTransformContextPtr ctxt, const xmlChar *URL)
Definition: security.c:335
xsltCheckFilename
static int xsltCheckFilename(const char *path)
Definition: security.c:245
xsltGetDefaultSecurityPrefs
xsltSecurityPrefsPtr xsltGetDefaultSecurityPrefs(void)
Definition: security.c:163
xsltSecurityAllow
int xsltSecurityAllow(xsltSecurityPrefsPtr sec ATTRIBUTE_UNUSED, xsltTransformContextPtr ctxt ATTRIBUTE_UNUSED, const char *value ATTRIBUTE_UNUSED)
Definition: security.c:197
xsltSetCtxtSecurityPrefs
int xsltSetCtxtSecurityPrefs(xsltSecurityPrefsPtr sec, xsltTransformContextPtr ctxt)
Definition: security.c:177
xsltNewSecurityPrefs
xsltSecurityPrefsPtr xsltNewSecurityPrefs(void)
Definition: security.c:56
xsltDefaultSecurityPrefs
static xsltSecurityPrefsPtr xsltDefaultSecurityPrefs
Definition: security.c:40
xsltCheckRead
int xsltCheckRead(xsltSecurityPrefsPtr sec, xsltTransformContextPtr ctxt, const xmlChar *URL)
Definition: security.c:402
xsltSecurityPrefsPtr
xsltSecurityPrefs * xsltSecurityPrefsPtr
Definition: security.h:30
xsltSecurityCheck
int(* xsltSecurityCheck)(xsltSecurityPrefsPtr sec, xsltTransformContextPtr ctxt, const char *value)
Definition: security.h:51
xsltSecurityOption
xsltSecurityOption
Definition: security.h:37
XSLT_SECPREF_READ_NETWORK
@ XSLT_SECPREF_READ_NETWORK
Definition: security.h:41
XSLT_SECPREF_WRITE_NETWORK
@ XSLT_SECPREF_WRITE_NETWORK
Definition: security.h:42
XSLT_SECPREF_CREATE_DIRECTORY
@ XSLT_SECPREF_CREATE_DIRECTORY
Definition: security.h:40
XSLT_SECPREF_WRITE_FILE
@ XSLT_SECPREF_WRITE_FILE
Definition: security.h:39
XSLT_SECPREF_READ_FILE
@ XSLT_SECPREF_READ_FILE
Definition: security.h:38
GetFileAttributesA
DWORD WINAPI GetFileAttributesA(LPCSTR lpFileName)
Definition: fileinfo.c:636
check
#define check(expected, result)
Definition: dplayx.c:32
ret
return ret
Definition: mutex.c:146
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
func
GLenum func
Definition: glext.h:6028
ATTRIBUTE_UNUSED
#define ATTRIBUTE_UNUSED
Definition: i386-dis.c:36
uri
const char * uri
Definition: sec_mgr.c:1588
FILE_ATTRIBUTE_DIRECTORY
#define FILE_ATTRIBUTE_DIRECTORY
Definition: nt_native.h:705
xmlMalloc
XMLPUBVAR xmlMallocFunc xmlMalloc
Definition: globals.h:248
xmlFree
XMLPUBVAR xmlFreeFunc xmlFree
Definition: globals.h:251
memset
#define memset(x, y, z)
Definition: compat.h:39
_xmlURI
Definition: uri.h:33
_xsltSecurityPrefs
Definition: security.c:32
_xsltSecurityPrefs::readFile
xsltSecurityCheck readFile
Definition: security.c:33
_xsltSecurityPrefs::createFile
xsltSecurityCheck createFile
Definition: security.c:34
_xsltSecurityPrefs::createDir
xsltSecurityCheck createDir
Definition: security.c:35
_xsltSecurityPrefs::readNet
xsltSecurityCheck readNet
Definition: security.c:36
_xsltSecurityPrefs::writeNet
xsltSecurityCheck writeNet
Definition: security.c:37
_xsltTransformContext
Definition: xsltInternals.h:1672
_xsltTransformContext::sec
void * sec
Definition: xsltInternals.h:1734
option
Definition: getopt.h:109
stat
Definition: stat.h:55
stat::st_mode
unsigned short st_mode
Definition: stat.h:58
value
Definition: pdh_main.c:96
xmlCreateURI
XMLPUBFUN xmlURIPtr XMLCALL xmlCreateURI(void)
Definition: uri.c:1020
xmlParseURI
XMLPUBFUN xmlURIPtr XMLCALL xmlParseURI(const char *str)
Definition: uri.c:940
xmlFreeURI
XMLPUBFUN void XMLCALL xmlFreeURI(xmlURIPtr uri)
Definition: uri.c:1387
INVALID_FILE_ATTRIBUTES
#define INVALID_FILE_ATTRIBUTES
Definition: vfdcmd.c:23
xmlParserGetDirectory
XMLPUBFUN char *XMLCALL xmlParserGetDirectory(const char *filename)
xmlStrdup
XMLPUBFUN xmlChar *XMLCALL xmlStrdup(const xmlChar *cur)
Definition: xmlstring.c:67
BAD_CAST
#define BAD_CAST
Definition: xmlstring.h:35
xmlStrEqual
XMLPUBFUN int XMLCALL xmlStrEqual(const xmlChar *str1, const xmlChar *str2)
Definition: xmlstring.c:160
xmlChar
unsigned char xmlChar
Definition: xmlstring.h:28
xsltTransformError
void xsltTransformError(xsltTransformContextPtr ctxt, xsltStylesheetPtr style, xmlNodePtr node, const char *msg,...)
Definition: xsltutils.c:678