src/Main/util.cxx

   1 // util.cxx - general-purpose utility functions.
   2 // Copyright (C) 2002  Curtis L. Olson  - http://www.flightgear.org/~curt
   3 //
   4 // This program is free software; you can redistribute it and/or
   5 // modify it under the terms of the GNU General Public License as
   6 // published by the Free Software Foundation; either version 2 of the
   7 // License, or (at your option) any later version.
   8 //
   9 // This program is distributed in the hope that it will be useful, but
  10 // WITHOUT ANY WARRANTY; without even the implied warranty of
  11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  12 // General Public License for more details.
  13 //
  14 // You should have received a copy of the GNU General Public License
  15 // along with this program; if not, write to the Free Software
  16 // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
  17 //
  18 // $Id$
  19
  20 #ifdef HAVE_CONFIG_H
  21 #  include <config.h>
  22 #endif
  23
  24 #include <simgear/compiler.h>
  25
  26 #include <cmath>
  27
  28 #include <cstdlib>
  29
  30 #include <vector>
  31
  32 #include <simgear/debug/logstream.hxx>
  33 #include <simgear/math/SGLimits.hxx>
  34 #include <simgear/math/SGMisc.hxx>
  35
  36 #include <GUI/MessageBox.hxx>
  37 #include "fg_io.hxx"
  38 #include "fg_props.hxx"
  39 #include "globals.hxx"
  40 #include "util.hxx"
  41
  42 #ifdef OSG_LIBRARY_STATIC
  43 #include "osgDB/Registry"
  44 #endif
  45
  46 using std::vector;
  47
  48 // Originally written by Alex Perry.
  49 double
  50 fgGetLowPass (double current, double target, double timeratio)
  51 {
  52     if ( timeratio < 0.0 ) {
  53         if ( timeratio < -1.0 ) {
  54                                 // time went backwards; kill the filter
  55                 current = target;
  56         } else {
  57                                 // ignore mildly negative time
  58         }
  59     } else if ( timeratio < 0.2 ) {
  60                                 // Normal mode of operation; fast
  61                                 // approximation to exp(-timeratio)
  62         current = current * (1.0 - timeratio) + target * timeratio;
  63     } else if ( timeratio > 5.0 ) {
  64                                 // Huge time step; assume filter has settled
  65         current = target;
  66     } else {
  67                                 // Moderate time step; non linear response
  68         double keep = exp(-timeratio);
  69         current = current * keep + target * (1.0 - keep);
  70     }
  71
  72     return current;
  73 }
  74
  75 // Normalize a path
  76 // Unlike SGPath::realpath, does not require that the file already exists,
  77 // but does require that it be below the starting point
  78 static std::string fgNormalizePath (const std::string& path)
  79 {
  80     string_list path_parts;
  81     char c;
  82     std::string normed_path = "", this_part = "";
  83
  84     for (int pos = 0; ; pos++) {
  85         c = path[pos];
  86         if (c == '\\') { c = '/'; }
  87         if ((c == '/') || (c == 0)) {
  88             if ((this_part == "/..") || (this_part == "..")) {
  89                 if (path_parts.empty()) { return ""; }
  90                 path_parts.pop_back();
  91             } else if ((this_part != "/.") && (this_part != "/")) {
  92                 path_parts.push_back(this_part);
  93             }
  94             this_part = "";
  95         }
  96         if (c == 0) { break; }
  97         this_part = this_part + c;
  98     }
  99     for( string_list::const_iterator it = path_parts.begin();
 100                                      it != path_parts.end();
 101                                    ++it )
 102     {
 103         normed_path.append(*it);
 104     }
 105     return normed_path;
 106  }
 107
 108 static string_list read_allowed_paths;
 109 static string_list write_allowed_paths;
 110
 111 // Allowed paths here are absolute, and may contain _one_ *,
 112 // which matches any string
 113 // FG_SCENERY is deliberately not allowed, as it would make
 114 // /sim/terrasync/scenery-dir a security hole
 115 void fgInitAllowedPaths()
 116 {
 117     read_allowed_paths.clear();
 118     write_allowed_paths.clear();
 119     std::string fg_root = fgNormalizePath(globals->get_fg_root());
 120     std::string fg_home = fgNormalizePath(globals->get_fg_home());
 121     read_allowed_paths.push_back(fg_root + "/*");
 122     read_allowed_paths.push_back(fg_home + "/*");
 123     string_list const aircraft_paths = globals->get_aircraft_paths();
 124     for( string_list::const_iterator it = aircraft_paths.begin();
 125                                      it != aircraft_paths.end();
 126                                    ++it )
 127     {
 128         read_allowed_paths.push_back(fgNormalizePath(*it) + "/*");
 129     }
 130
 131     for( string_list::const_iterator it = read_allowed_paths.begin();
 132                                      it != read_allowed_paths.end();
 133                                    ++it )
 134     { // if we get the initialization order wrong, better to have an
 135       // obvious error than a can-read-everything security hole...
 136         if (!(it->compare("/*"))){
 137             flightgear::fatalMessageBox("Nasal initialization error",
 138                                     "Empty string in FG_ROOT, FG_HOME or FG_AIRCRAFT",
 139                                     "or fgInitAllowedPaths() called too early");
 140             exit(-1);
 141         }
 142     }
 143     write_allowed_paths.push_back(fg_home + "/*.sav");
 144     write_allowed_paths.push_back(fg_home + "/*.log");
 145     write_allowed_paths.push_back(fg_home + "/cache/*");
 146     write_allowed_paths.push_back(fg_home + "/Export/*");
 147     write_allowed_paths.push_back(fg_home + "/state/*.xml");
 148     write_allowed_paths.push_back(fg_home + "/aircraft-data/*.xml");
 149     write_allowed_paths.push_back(fg_home + "/Wildfire/*.xml");
 150     write_allowed_paths.push_back(fg_home + "/runtime-jetways/*.xml");
 151     write_allowed_paths.push_back(fg_home + "/Input/Joysticks/*.xml");
 152
 153     // Check that it works
 154     if(!fgValidatePath(globals->get_fg_home() + "/../no.log",true).empty() ||
 155         !fgValidatePath(globals->get_fg_home() + "/no.lot",true).empty() ||
 156         !fgValidatePath(globals->get_fg_home() + "/nolog",true).empty() ||
 157         !fgValidatePath(globals->get_fg_home() + "no.log",true).empty() ||
 158         !fgValidatePath("..\\" + globals->get_fg_home() + "/no.log",false).empty() ||
 159         !fgValidatePath(std::string("/tmp/no.xml"),false).empty() ||
 160         fgValidatePath(globals->get_fg_home() + "/./TerraSync/../Export\\yes..gg",true).empty() ||
 161         fgValidatePath(globals->get_fg_home() + "/aircraft-data/yes..xml",true).empty() ||
 162         fgValidatePath(globals->get_fg_root() + "/./\\yes.bmp",false).empty()) {
 163             flightgear::fatalMessageBox("Nasal initialization error",
 164                                     "fgInitAllowedPaths() does not work",
 165                                     "");
 166             exit(-1);
 167     }
 168 }
 169
 170 // Check whether Nasal is allowed to access a path (assumed already normalized)
 171 static std::string fgValidatePath_internal (const std::string& normed_path, bool write)
 172 {
 173     const string_list& allowed_paths(write ? write_allowed_paths : read_allowed_paths);
 174     size_t star_pos;
 175
 176     // Check against each allowed pattern
 177     for( string_list::const_iterator it = allowed_paths.begin();
 178                                      it != allowed_paths.end();
 179                                    ++it )
 180     {
 181         star_pos = it->find('*');
 182         if (star_pos == std::string::npos) {
 183             if (!(it->compare(normed_path))) {
 184                 return normed_path;
 185             }
 186         } else {
 187             if ((it->size()-1 <= normed_path.size()) /* long enough to be a potential match */
 188                 && !(it->substr(0,star_pos)
 189                     .compare(normed_path.substr(0,star_pos))) /* before-star parts match */
 190                 && !(it->substr(star_pos+1,it->size()-star_pos-1)
 191                     .compare(normed_path.substr(star_pos+1+normed_path.size()-it->size(),
 192                       it->size()-star_pos-1))) /* after-star parts match */) {
 193                 return normed_path;
 194             }
 195         }
 196     }
 197     // no match found
 198     return "";
 199 }
 200 // Check whether Nasal is allowed to access a path
 201 // Warning: because this always (not just on Windows) converts \ to /,
 202 // if passing a std::string, use the returned path not the original one
 203 // (This warning does not apply to the SGPath variant, as these are
 204 // so converted on creation.)
 205 std::string fgValidatePath (const std::string& path, bool write)
 206 {
 207     // Normalize the path (prevents ../../.. trickery)
 208     // method 1 allows following symlinks to anywhere
 209     // (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780867);
 210     // method 2 doesn't, and is intended to eventually replace it
 211     std::string normed_path1 = fgNormalizePath(path);
 212     SGPath path2 = SGPath(path);
 213     std::string normed_path2;
 214     if (path2.exists()) {
 215         normed_path2 = path2.realpath();
 216     } else { // realpath can't check non-existent files
 217         normed_path2 = SGPath(path2.dir()).realpath()
 218             + "/" + path2.file();
 219     }
 220
 221     // Check
 222     if (fgValidatePath_internal(normed_path1, write).empty() ||
 223         fgValidatePath_internal(normed_path2, write).empty()) {
 224         return "";
 225     }
 226     return normed_path1;
 227 }
 228 std::string fgValidatePath(const SGPath& path, bool write) { return fgValidatePath(path.str(),write); }
 229 // end of util.cxx
 230