X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FScripting%2FNasalSys.cxx;h=8e7622eae1de75af1dbebaadaae6dc17249f4ad9;hb=79f1da6bef439b4d283b7b0ecd7707c56c12f986;hp=421965e48f9107826935c1ffc4dc43f9f73a9153;hpb=6a30e7086ea2f1a060dd77dab6e7e8a15b43e82d;p=flightgear.git

diff --git a/src/Scripting/NasalSys.cxx b/src/Scripting/NasalSys.cxx
index 421965e48..8e7622eae 100644
--- a/src/Scripting/NasalSys.cxx
+++ b/src/Scripting/NasalSys.cxx
@@ -12,6 +12,7 @@
 #endif
 
 #include <string.h>
+#include <errno.h>
 #include <stdio.h>
 #include <sys/types.h>
 #include <sys/stat.h>
@@ -19,6 +20,7 @@
 #include <sstream>
 
 #include <simgear/nasal/nasal.h>
+#include <simgear/nasal/iolib.h>
 #include <simgear/props/props.hxx>
 #include <simgear/math/sg_random.h>
 #include <simgear/misc/sg_path.hxx>
@@ -662,6 +664,28 @@ static naRef f_removeCommand(naContext c, naRef me, int argc, naRef* args)
     return naNil();
 }
 
+static naRef f_open(naContext c, naRef me, int argc, naRef* args)
+{
+    FILE* f;
+    naRef file = argc > 0 ? naStringValue(c, args[0]) : naNil();
+    naRef mode = argc > 1 ? naStringValue(c, args[1]) : naNil();
+    if(!naStr_data(file)) naRuntimeError(c, "bad argument to open()");
+    const char* modestr = naStr_data(mode) ? naStr_data(mode) : "rb";
+    std::string filename = fgValidatePath(naStr_data(file),
+        strcmp(modestr, "rb") && strcmp(modestr, "r"));
+    if(filename.empty()) {
+        SG_LOG(SG_NASAL, SG_ALERT, "open(): reading/writing '" <<
+        naStr_data(file) << "' denied (unauthorized directory - authorization"
+        " no longer follows symlinks; to authorize reading additional "
+        "directories, add them to --fg-aircraft)");
+        naRuntimeError(c, "open(): access denied (unauthorized directory)");
+        return naNil();
+    }
+    f = fopen(filename.c_str(), modestr);
+    if(!f) naRuntimeError(c, strerror(errno));
+    return naIOGhost(c, f);
+}
+
 // Parse XML file.
 //     parsexml(<path> [, <start-tag> [, <end-tag> [, <data> [, <pi>]]]]);
 //
@@ -682,22 +706,25 @@ static naRef f_parsexml(naContext c, naRef me, int argc, naRef* args)
         if(!(naIsNil(args[i]) || naIsFunc(args[i])))
             naRuntimeError(c, "parsexml(): callback argument not a function");
 
-    const char* file = fgValidatePath(naStr_data(args[0]), false);
-    if(!file) {
-        naRuntimeError(c, "parsexml(): reading '%s' denied "
-                "(unauthorized access)", naStr_data(args[0]));
+    std::string file = fgValidatePath(naStr_data(args[0]), false);
+    if(file.empty()) {
+        SG_LOG(SG_NASAL, SG_ALERT, "parsexml(): reading '" <<
+        naStr_data(args[0]) << "' denied (unauthorized directory - authorization"
+        " no longer follows symlinks; to authorize reading additional "
+        "directories, add them to --fg-aircraft)");
+        naRuntimeError(c, "parsexml(): access denied (unauthorized directory)");
         return naNil();
     }
-    std::ifstream input(file);
+    std::ifstream input(file.c_str());
     NasalXMLVisitor visitor(c, argc, args);
     try {
         readXML(input, visitor);
     } catch (const sg_exception& e) {
         naRuntimeError(c, "parsexml(): file '%s' %s",
-                file, e.getFormattedMessage().c_str());
+                file.c_str(), e.getFormattedMessage().c_str());
         return naNil();
     }
-    return naStr_fromdata(naNewString(c), const_cast<char*>(file), strlen(file));
+    return naStr_fromdata(naNewString(c), file.c_str(), file.length());
 }
 
 /**
@@ -810,7 +837,9 @@ void FGNasalSys::init()
     for(i=0; funcs[i].name; i++)
         hashset(_globals, funcs[i].name,
                 naNewFunc(_context, naNewCCode(_context, funcs[i].func)));
-
+    nasal::Hash io_module = nasal::Hash(_globals, _context).get<nasal::Hash>("io");
+    io_module.set("open", f_open);
+    
     // And our SGPropertyNode wrapper
     hashset(_globals, "props", genPropsModule());
 
@@ -857,12 +886,6 @@ void FGNasalSys::init()
     signal->setBoolValue(s, true);
     signal->removeChildren(s);
 
-    if( !checkIOrules() )
-    {
-      SG_LOG(SG_NASAL, SG_ALERT, "Required IOrules check failed.");
-      exit(-1);
-    }
-
     // Pull scripts out of the property tree, too
     loadPropertyScripts();
   
@@ -1292,45 +1315,6 @@ void FGNasalSys::gcRelease(int key)
     naGCRelease(key);
 }
 
-//------------------------------------------------------------------------------
-bool FGNasalSys::checkIOrules()
-{
-  // Ensure IOrules and path validation are working properly by trying to
-  // access a folder/file which should never be accessible.
-  const char* no_access_path =
-#ifdef _WIN32
-    "Z:"
-#endif
-    "/do-not-access";
-
-  bool success = true;
-
-  // write access
-  if( fgValidatePath(no_access_path, true) )
-  {
-    success = false;
-    SG_LOG
-    (
-      SG_GENERAL,
-      SG_ALERT,
-      "Check your IOrules! (write to '" << no_access_path << "' is allowed)"
-    );
-  }
-
-  // read access
-  if( fgValidatePath(no_access_path, false) )
-  {
-    success = false;
-    SG_LOG
-    (
-      SG_GENERAL,
-      SG_ALERT,
-      "Check your IOrules! (read from '" << no_access_path << "' is allowed)"
-    );
-  }
-
-  return success;
-}
 
 //------------------------------------------------------------------------------
 void FGNasalSys::NasalTimer::timerExpired()