//
// $Id$
+#ifdef HAVE_CONFIG_H
+# include <config.h>
+#endif
#include <simgear/compiler.h>
-#include <math.h>
+#include <cmath>
+
+#include <cstdlib>
#include <vector>
-SG_USING_STD(vector);
#include <simgear/debug/logstream.hxx>
+#include <simgear/math/SGLimits.hxx>
+#include <simgear/math/SGMisc.hxx>
+#include <GUI/MessageBox.hxx>
#include "fg_io.hxx"
#include "fg_props.hxx"
#include "globals.hxx"
#include "osgDB/Registry"
#endif
-void
-fgDefaultWeatherValue (const char * propname, double value)
-{
- unsigned int i;
-
- SGPropertyNode * branch = fgGetNode("/environment/config/boundary", true);
- vector<SGPropertyNode_ptr> entries = branch->getChildren("entry");
- for (i = 0; i < entries.size(); i++) {
- entries[i]->setDoubleValue(propname, value);
- }
-
- branch = fgGetNode("/environment/config/aloft", true);
- entries = branch->getChildren("entry");
- for (i = 0; i < entries.size(); i++) {
- entries[i]->setDoubleValue(propname, value);
- }
-}
-
-
-void
-fgSetupWind (double min_hdg, double max_hdg, double speed, double gust)
-{
- // Initialize to a reasonable state
- fgDefaultWeatherValue("wind-from-heading-deg", min_hdg);
- fgDefaultWeatherValue("wind-speed-kt", speed);
-
- SG_LOG(SG_GENERAL, SG_INFO, "WIND: " << min_hdg << '@' <<
- speed << " knots" << endl);
-
- // Now, add some variety to the layers
- min_hdg += 10;
- if (min_hdg > 360)
- min_hdg -= 360;
- speed *= 1.1;
- fgSetDouble("/environment/config/boundary/entry[1]/wind-from-heading-deg",
- min_hdg);
- fgSetDouble("/environment/config/boundary/entry[1]/wind-speed-kt",
- speed);
-
- min_hdg += 20;
- if (min_hdg > 360)
- min_hdg -= 360;
- speed *= 1.1;
- fgSetDouble("/environment/config/aloft/entry[0]/wind-from-heading-deg",
- min_hdg);
- fgSetDouble("/environment/config/aloft/entry[0]/wind-speed-kt",
- speed);
-
- min_hdg += 10;
- if (min_hdg > 360)
- min_hdg -= 360;
- speed *= 1.1;
- fgSetDouble("/environment/config/aloft/entry[1]/wind-from-heading-deg",
- min_hdg);
- fgSetDouble("/environment/config/aloft/entry[1]/wind-speed-kt",
- speed);
-
- min_hdg += 10;
- if (min_hdg > 360)
- min_hdg -= 360;
- speed *= 1.1;
- fgSetDouble("/environment/config/aloft/entry[2]/wind-from-heading-deg",
- min_hdg);
- fgSetDouble("/environment/config/aloft/entry[2]/wind-speed-kt",
- speed);
-}
-
-
-void
-fgExit (int status)
-{
-#ifdef OSG_LIBRARY_STATIC
- osgDB::Registry::instance( true);
-#endif
-
- SG_LOG(SG_GENERAL, SG_INFO, "Exiting FlightGear with status " << status);
- exit(status);
-}
-
+using std::vector;
// Originally written by Alex Perry.
double
return current;
}
+// Normalize a path
+// Unlike SGPath::realpath, does not require that the file already exists,
+// but does require that it be below the starting point
+static std::string fgNormalizePath (const std::string& path)
+{
+ string_list path_parts;
+ char c;
+ std::string normed_path = "", this_part = "";
+
+ for (int pos = 0; ; pos++) {
+ c = path[pos];
+ if (c == '\\') { c = '/'; }
+ if ((c == '/') || (c == 0)) {
+ if ((this_part == "/..") || (this_part == "..")) {
+ if (path_parts.empty()) { return ""; }
+ path_parts.pop_back();
+ } else if ((this_part != "/.") && (this_part != "/")) {
+ path_parts.push_back(this_part);
+ }
+ this_part = "";
+ }
+ if (c == 0) { break; }
+ this_part = this_part + c;
+ }
+ for( string_list::const_iterator it = path_parts.begin();
+ it != path_parts.end();
+ ++it )
+ {
+ normed_path.append(*it);
+ }
+ return normed_path;
+ }
+
+static string_list read_allowed_paths;
+static string_list write_allowed_paths;
-string
-fgUnescape(const char *s)
+// Allowed paths here are absolute, and may contain _one_ *,
+// which matches any string
+// FG_SCENERY is deliberately not allowed, as it would make
+// /sim/terrasync/scenery-dir a security hole
+void fgInitAllowedPaths()
{
- string r;
- while (*s) {
- if (*s != '\\') {
- r += *s++;
- continue;
+ read_allowed_paths.clear();
+ write_allowed_paths.clear();
+ std::string fg_root = fgNormalizePath(globals->get_fg_root());
+ std::string fg_home = fgNormalizePath(globals->get_fg_home());
+ read_allowed_paths.push_back(fg_root + "/*");
+ read_allowed_paths.push_back(fg_home + "/*");
+ string_list const aircraft_paths = globals->get_aircraft_paths();
+ for( string_list::const_iterator it = aircraft_paths.begin();
+ it != aircraft_paths.end();
+ ++it )
+ {
+ read_allowed_paths.push_back(fgNormalizePath(*it) + "/*");
+ }
+
+ for( string_list::const_iterator it = read_allowed_paths.begin();
+ it != read_allowed_paths.end();
+ ++it )
+ { // if we get the initialization order wrong, better to have an
+ // obvious error than a can-read-everything security hole...
+ if (!(it->compare("/*"))){
+ flightgear::fatalMessageBox("Nasal initialization error",
+ "Empty string in FG_ROOT, FG_HOME or FG_AIRCRAFT",
+ "or fgInitAllowedPaths() called too early");
+ exit(-1);
}
- if (!*++s)
- break;
- if (*s == '\\') {
- r += '\\';
- } else if (*s == 'n') {
- r += '\n';
- } else if (*s == 'r') {
- r += '\r';
- } else if (*s == 't') {
- r += '\t';
- } else if (*s == 'v') {
- r += '\v';
- } else if (*s == 'f') {
- r += '\f';
- } else if (*s == 'a') {
- r += '\a';
- } else if (*s == 'b') {
- r += '\b';
- } else if (*s == 'x') {
- if (!*++s)
- break;
- int v = 0;
- for (int i = 0; i < 2 && isxdigit(*s); i++, s++)
- v = v * 16 + (isdigit(*s) ? *s - '0' : 10 + tolower(*s) - 'a');
- r += v;
- continue;
-
- } else if (*s >= '0' && *s <= '7') {
- int v = *s++ - '0';
- for (int i = 0; i < 3 && *s >= '0' && *s <= '7'; i++, s++)
- v = v * 8 + *s - '0';
- r += v;
- continue;
+ }
+ write_allowed_paths.push_back(fg_home + "/*.sav");
+ write_allowed_paths.push_back(fg_home + "/*.log");
+ write_allowed_paths.push_back(fg_home + "/cache/*");
+ write_allowed_paths.push_back(fg_home + "/Export/*");
+ write_allowed_paths.push_back(fg_home + "/state/*.xml");
+ write_allowed_paths.push_back(fg_home + "/aircraft-data/*.xml");
+ write_allowed_paths.push_back(fg_home + "/Wildfire/*.xml");
+ write_allowed_paths.push_back(fg_home + "/runtime-jetways/*.xml");
+ write_allowed_paths.push_back(fg_home + "/Input/Joysticks/*.xml");
+
+ // Check that it works
+ if(!fgValidatePath(globals->get_fg_home() + "/../no.log",true).empty() ||
+ !fgValidatePath(globals->get_fg_home() + "/no.logt",true).empty() ||
+ !fgValidatePath(globals->get_fg_home() + "/nolog",true).empty() ||
+ !fgValidatePath(globals->get_fg_home() + "no.log",true).empty() ||
+ !fgValidatePath(globals->get_fg_home() + "\\..\\no.log",false).empty() ||
+ fgValidatePath(globals->get_fg_home() + "/aircraft-data/yes..xml",true).empty() ||
+ fgValidatePath(globals->get_fg_root() + "/.\\yes.bmp",false).empty()) {
+ flightgear::fatalMessageBox("Nasal initialization error",
+ "fgInitAllowedPaths() does not work",
+ "");
+ exit(-1);
+ }
+}
+// Check whether Nasal is allowed to access a path (assumed already normalized)
+static std::string fgValidatePath_internal (const std::string& normed_path, bool write)
+{
+ const string_list& allowed_paths(write ? write_allowed_paths : read_allowed_paths);
+ size_t star_pos;
+
+ // Check against each allowed pattern
+ for( string_list::const_iterator it = allowed_paths.begin();
+ it != allowed_paths.end();
+ ++it )
+ {
+ star_pos = it->find('*');
+ if (star_pos == std::string::npos) {
+ if (!(it->compare(normed_path))) {
+ return normed_path;
+ }
} else {
- r += *s;
+ if ((it->size()-1 <= normed_path.size()) /* long enough to be a potential match */
+ && !(it->substr(0,star_pos)
+ .compare(normed_path.substr(0,star_pos))) /* before-star parts match */
+ && !(it->substr(star_pos+1,it->size()-star_pos-1)
+ .compare(normed_path.substr(star_pos+1+normed_path.size()-it->size(),
+ it->size()-star_pos-1))) /* after-star parts match */) {
+ return normed_path;
+ }
}
- s++;
}
- return r;
+ // no match found
+ return "";
}
+// Check whether Nasal is allowed to access a path
+// Warning: because this always (not just on Windows) converts \ to /,
+// if passing a std::string, use the returned path not the original one
+// (This warning does not apply to the SGPath variant, as these are
+// so converted on creation.)
+std::string fgValidatePath (const std::string& path, bool write)
+{
+ // Normalize the path (prevents ../../.. trickery)
+ // method 1 allows following symlinks to anywhere
+ // (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780867);
+ // method 2 doesn't, and is intended to eventually replace it
+ std::string normed_path1 = fgNormalizePath(path);
+ SGPath path2 = SGPath(path);
+ std::string normed_path2;
+ if (path2.exists()) {
+ normed_path2 = path2.realpath();
+ } else { // realpath can't check non-existent files
+ normed_path2 = SGPath(path2.dir()).realpath()
+ + "/" + path2.file();
+ }
+#if defined(_MSC_VER) /*for MS compilers */ || defined(_WIN32) /*needed for non MS windows compilers like MingW*/
+ normed_path2 = SGPath(normed_path2).str(); // convert \ to /
+#endif
+ // Check
+ if (fgValidatePath_internal(normed_path1, write).empty() ||
+ fgValidatePath_internal(normed_path2, write).empty()) {
+ return "";
+ }
+ return normed_path1;
+}
+std::string fgValidatePath(const SGPath& path, bool write) { return fgValidatePath(path.str(),write); }
// end of util.cxx
projects / flightgear.git / blobdiff