X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FMain%2Futil.cxx;h=1974d64b3686dbb1983fae82851ef764170f668a;hb=29ef561ed9d2413e01b0bcda23896f32831c1184;hp=3daeb991b712c4696cb481b59bc14dc958a73339;hpb=56d8181da3907eb159a591903c216fdce96fcb81;p=flightgear.git diff --git a/src/Main/util.cxx b/src/Main/util.cxx index 3daeb991b..1974d64b3 100644 --- a/src/Main/util.cxx +++ b/src/Main/util.cxx @@ -17,110 +17,40 @@ // // $Id$ +#ifdef HAVE_CONFIG_H +# include +#endif #include -#include +#include + +#include #include -SG_USING_STD(vector); #include +#include +#include +#include #include "fg_io.hxx" #include "fg_props.hxx" #include "globals.hxx" #include "util.hxx" +#ifdef OSG_LIBRARY_STATIC +#include "osgDB/Registry" +#endif -void -fgDefaultWeatherValue (const char * propname, double value) -{ - unsigned int i; - - SGPropertyNode * branch = fgGetNode("/environment/config/boundary", true); - vector entries = branch->getChildren("entry"); - for (i = 0; i < entries.size(); i++) { - entries[i]->setDoubleValue(propname, value); - } - - branch = fgGetNode("/environment/config/aloft", true); - entries = branch->getChildren("entry"); - for (i = 0; i < entries.size(); i++) { - entries[i]->setDoubleValue(propname, value); - } -} - - -void -fgSetupWind (double min_hdg, double max_hdg, double speed, double gust) -{ - // Initialize to a reasonable state - fgDefaultWeatherValue("wind-from-heading-deg", min_hdg); - fgDefaultWeatherValue("wind-speed-kt", speed); - - SG_LOG(SG_GENERAL, SG_INFO, "WIND: " << min_hdg << '@' << - speed << " knots" << endl); - - // Now, add some variety to the layers - min_hdg += 10; - if (min_hdg > 360) - min_hdg -= 360; - speed *= 1.1; - fgSetDouble("/environment/config/boundary/entry[1]/wind-from-heading-deg", - min_hdg); - fgSetDouble("/environment/config/boundary/entry[1]/wind-speed-kt", - speed); - - min_hdg += 20; - if (min_hdg > 360) - min_hdg -= 360; - speed *= 1.1; - fgSetDouble("/environment/config/aloft/entry[0]/wind-from-heading-deg", - min_hdg); - fgSetDouble("/environment/config/aloft/entry[0]/wind-speed-kt", - speed); - - min_hdg += 10; - if (min_hdg > 360) - min_hdg -= 360; - speed *= 1.1; - fgSetDouble("/environment/config/aloft/entry[1]/wind-from-heading-deg", - min_hdg); - fgSetDouble("/environment/config/aloft/entry[1]/wind-speed-kt", - speed); - - min_hdg += 10; - if (min_hdg > 360) - min_hdg -= 360; - speed *= 1.1; - fgSetDouble("/environment/config/aloft/entry[2]/wind-from-heading-deg", - min_hdg); - fgSetDouble("/environment/config/aloft/entry[2]/wind-speed-kt", - speed); -} - - -void -fgExit (int status) -{ - // remove subsystems first, which need access to other subsystems in their - // destructors (e.g. "nasal") - SGSubsystem *sub = globals->get_subsystem("ai_model"); - globals->get_subsystem_mgr()->get_group(SGSubsystemMgr::GENERAL)->remove_subsystem("ai_model"); - delete sub; - - SG_LOG(SG_GENERAL, SG_INFO, "Exiting FlightGear with status " << status); - exit(status); -} - +using std::vector; // Originally written by Alex Perry. double fgGetLowPass (double current, double target, double timeratio) { if ( timeratio < 0.0 ) { - if ( timeratio < -1.0 ) { + if ( timeratio < -1.0 ) { // time went backwards; kill the filter current = target; } else { @@ -142,5 +72,160 @@ fgGetLowPass (double current, double target, double timeratio) return current; } +// Normalize a path +// Unlike SGPath::realpath, does not require that the file already exists, +// but does require that it be below the starting point +static std::string fgNormalizePath (const std::string& path) +{ + string_list path_parts; + char c; + std::string normed_path = "", this_part = ""; + + for (int pos = 0; ; pos++) { + c = path[pos]; + if (c == '\\') { c = '/'; } + if ((c == '/') || (c == 0)) { + if ((this_part == "/..") || (this_part == "..")) { + if (path_parts.empty()) { return ""; } + path_parts.pop_back(); + } else if ((this_part != "/.") && (this_part != "/")) { + path_parts.push_back(this_part); + } + this_part = ""; + } + if (c == 0) { break; } + this_part = this_part + c; + } + for( string_list::const_iterator it = path_parts.begin(); + it != path_parts.end(); + ++it ) + { + normed_path.append(*it); + } + return normed_path; + } + +static string_list read_allowed_paths; +static string_list write_allowed_paths; + +// Allowed paths here are absolute, and may contain _one_ *, +// which matches any string +// FG_SCENERY is deliberately not allowed, as it would make +// /sim/terrasync/scenery-dir a security hole +void fgInitAllowedPaths() +{ + read_allowed_paths.clear(); + write_allowed_paths.clear(); + std::string fg_root = fgNormalizePath(globals->get_fg_root()); + std::string fg_home = fgNormalizePath(globals->get_fg_home()); + read_allowed_paths.push_back(fg_root + "/*"); + read_allowed_paths.push_back(fg_home + "/*"); + string_list const aircraft_paths = globals->get_aircraft_paths(); + for( string_list::const_iterator it = aircraft_paths.begin(); + it != aircraft_paths.end(); + ++it ) + { + read_allowed_paths.push_back(fgNormalizePath(*it) + "/*"); + } + + for( string_list::const_iterator it = read_allowed_paths.begin(); + it != read_allowed_paths.end(); + ++it ) + { // if we get the initialization order wrong, better to have an + // obvious error than a can-read-everything security hole... + if (!(it->compare("/*"))){ + flightgear::fatalMessageBox("Nasal initialization error", + "Empty string in FG_ROOT, FG_HOME or FG_AIRCRAFT", + "or fgInitAllowedPaths() called too early"); + exit(-1); + } + } + write_allowed_paths.push_back(fg_home + "/*.sav"); + write_allowed_paths.push_back(fg_home + "/*.log"); + write_allowed_paths.push_back(fg_home + "/cache/*"); + write_allowed_paths.push_back(fg_home + "/Export/*"); + write_allowed_paths.push_back(fg_home + "/state/*.xml"); + write_allowed_paths.push_back(fg_home + "/aircraft-data/*.xml"); + write_allowed_paths.push_back(fg_home + "/Wildfire/*.xml"); + write_allowed_paths.push_back(fg_home + "/runtime-jetways/*.xml"); + write_allowed_paths.push_back(fg_home + "/Input/Joysticks/*.xml"); + + // Check that it works + if(!fgValidatePath(globals->get_fg_home() + "/../no.log",true).empty() || + !fgValidatePath(globals->get_fg_home() + "/no.logt",true).empty() || + !fgValidatePath(globals->get_fg_home() + "/nolog",true).empty() || + !fgValidatePath(globals->get_fg_home() + "no.log",true).empty() || + !fgValidatePath(globals->get_fg_home() + "\\..\\no.log",false).empty() || + fgValidatePath(globals->get_fg_home() + "/aircraft-data/yes..xml",true).empty() || + fgValidatePath(globals->get_fg_root() + "/.\\yes.bmp",false).empty()) { + flightgear::fatalMessageBox("Nasal initialization error", + "fgInitAllowedPaths() does not work", + ""); + exit(-1); + } +} + +// Check whether Nasal is allowed to access a path (assumed already normalized) +static std::string fgValidatePath_internal (const std::string& normed_path, bool write) +{ + const string_list& allowed_paths(write ? write_allowed_paths : read_allowed_paths); + size_t star_pos; + + // Check against each allowed pattern + for( string_list::const_iterator it = allowed_paths.begin(); + it != allowed_paths.end(); + ++it ) + { + star_pos = it->find('*'); + if (star_pos == std::string::npos) { + if (!(it->compare(normed_path))) { + return normed_path; + } + } else { + if ((it->size()-1 <= normed_path.size()) /* long enough to be a potential match */ + && !(it->substr(0,star_pos) + .compare(normed_path.substr(0,star_pos))) /* before-star parts match */ + && !(it->substr(star_pos+1,it->size()-star_pos-1) + .compare(normed_path.substr(star_pos+1+normed_path.size()-it->size(), + it->size()-star_pos-1))) /* after-star parts match */) { + return normed_path; + } + } + } + // no match found + return ""; +} +// Check whether Nasal is allowed to access a path +// Warning: because this always (not just on Windows) converts \ to /, +// if passing a std::string, use the returned path not the original one +// (This warning does not apply to the SGPath variant, as these are +// so converted on creation.) +std::string fgValidatePath (const std::string& path, bool write) +{ + // Normalize the path (prevents ../../.. trickery) + // method 1 allows following symlinks to anywhere + // (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780867); + // method 2 doesn't, and is intended to eventually replace it + std::string normed_path1 = fgNormalizePath(path); + SGPath path2 = SGPath(path); + std::string normed_path2; + if (path2.exists()) { + normed_path2 = path2.realpath(); + } else { // realpath can't check non-existent files + normed_path2 = SGPath(path2.dir()).realpath() + + "/" + path2.file(); + } +#if defined(_MSC_VER) /*for MS compilers */ || defined(_WIN32) /*needed for non MS windows compilers like MingW*/ + normed_path2 = SGPath(normed_path2).str(); // convert \ to / +#endif + + // Check + if (fgValidatePath_internal(normed_path1, write).empty() || + fgValidatePath_internal(normed_path2, write).empty()) { + return ""; + } + return normed_path1; +} +std::string fgValidatePath(const SGPath& path, bool write) { return fgValidatePath(path.str(),write); } // end of util.cxx