From: Rebecca N. Palmer Date: Fri, 13 Mar 2015 18:07:24 +0000 (+0000) Subject: Make fgValidatePath always return std::string, not char * X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=9002696195c50219d7df06e098b57c79a289a0e0;p=flightgear.git Make fgValidatePath always return std::string, not char * --- diff --git a/src/Canvas/FGCanvasSystemAdapter.cxx b/src/Canvas/FGCanvasSystemAdapter.cxx index 95b6b65a6..c85b0fa28 100644 --- a/src/Canvas/FGCanvasSystemAdapter.cxx +++ b/src/Canvas/FGCanvasSystemAdapter.cxx @@ -81,9 +81,9 @@ namespace canvas { if( SGPath(path).isAbsolute() ) { - const char* valid_path = fgValidatePath(path.c_str(), false); - if( valid_path ) - return osgDB::readImageFile(valid_path); + std::string valid_path = fgValidatePath(path, false); + if( !valid_path.empty() ) + return osgDB::readImageFile(valid_path.c_str()); SG_LOG(SG_IO, SG_ALERT, "canvas::Image: reading '" << path << "' denied"); } diff --git a/src/Main/fg_commands.cxx b/src/Main/fg_commands.cxx index cdc21d38d..8c9539f5d 100644 --- a/src/Main/fg_commands.cxx +++ b/src/Main/fg_commands.cxx @@ -284,7 +284,7 @@ do_load (const SGPropertyNode * arg) if (file.size() < 4 || file.substr(file.size() - 4) != ".sav") file += ".sav"; - if (!fgValidatePath(file.c_str(), false)) { + if (fgValidatePath(file, false).empty()) { SG_LOG(SG_IO, SG_ALERT, "load: reading '" << file << "' denied " "(unauthorized access)"); return false; @@ -315,7 +315,7 @@ do_save (const SGPropertyNode * arg) if (file.size() < 4 || file.substr(file.size() - 4) != ".sav") file += ".sav"; - if (!fgValidatePath(file.c_str(), false)) { + if (fgValidatePath(file, false).empty()) { SG_LOG(SG_IO, SG_ALERT, "save: writing '" << file << "' denied " "(unauthorized access)"); return false; @@ -1166,7 +1166,7 @@ do_load_xml_to_proptree(const SGPropertyNode * arg) } } - if (!fgValidatePath(file.c_str(), false)) { + if (fgValidatePath(file, false).empty()) { SG_LOG(SG_IO, SG_ALERT, "loadxml: reading '" << file.str() << "' denied " "(unauthorized access)"); return false; @@ -1248,7 +1248,7 @@ do_save_xml_from_proptree(const SGPropertyNode * arg) if (file.extension() != "xml") file.concat(".xml"); - if (!fgValidatePath(file.c_str(), true)) { + if (fgValidatePath(file, true).empty()) { SG_LOG(SG_IO, SG_ALERT, "savexml: writing to '" << file.str() << "' denied " "(unauthorized access)"); return false; diff --git a/src/Main/util.cxx b/src/Main/util.cxx index 28ee47735..b5ea49dc6 100644 --- a/src/Main/util.cxx +++ b/src/Main/util.cxx @@ -116,14 +116,15 @@ void fgInitAllowedPaths() write_allowed_paths.push_back(globals->get_fg_home() + "/runtime-jetways/*.xml"); write_allowed_paths.push_back(globals->get_fg_home() + "/Input/Joysticks/*.xml"); + // Check that it works if(!fgValidatePath(globals->get_fg_home() + "/../no.log",true).empty() || !fgValidatePath(globals->get_fg_home() + "/no.lot",true).empty() || - fgValidatePath((globals->get_fg_home() + "/nolog").c_str(),true) || + !fgValidatePath(globals->get_fg_home() + "/nolog",true).empty() || !fgValidatePath(globals->get_fg_home() + "no.log",true).empty() || !fgValidatePath("..\\" + globals->get_fg_home() + "/no.log",false).empty() || - fgValidatePath("/tmp/no.xml",false) || + !fgValidatePath(std::string("/tmp/no.xml"),false).empty() || fgValidatePath(globals->get_fg_home() + "/./ff/../Export\\yes..gg",true).empty() || - !fgValidatePath((globals->get_fg_home() + "/aircraft-data/yes..xml").c_str(),true) || + fgValidatePath(globals->get_fg_home() + "/aircraft-data/yes..xml",true).empty() || fgValidatePath(globals->get_fg_root() + "/./\\yes.bmp",false).empty()) { flightgear::fatalMessageBox("Nasal initialization error", "fgInitAllowedPaths() does not work", @@ -199,15 +200,6 @@ std::string fgValidatePath (const std::string& path, bool write) // no match found return ""; } -// s.c_str() becomes invalid when s is destroyed, so need a static s -std::string validate_path_temp; -const char* fgValidatePath(const char* path, bool write) -{ - validate_path_temp = fgValidatePath(std::string(path), write); - if(validate_path_temp.empty()){ - return 0; - } - return validate_path_temp.c_str(); -} +std::string fgValidatePath(const SGPath& path, bool write) { return fgValidatePath(path.str(),write); } // end of util.cxx diff --git a/src/Main/util.hxx b/src/Main/util.hxx index 37f401d95..133f1526e 100644 --- a/src/Main/util.hxx +++ b/src/Main/util.hxx @@ -21,6 +21,7 @@ #define __UTIL_HXX 1 #include +#include /** * Move a value towards a target. @@ -41,7 +42,7 @@ double fgGetLowPass (double current, double target, double timeratio); * @param write True for write operations and false for read operations. * @return The validated path on success or 0 if access denied. */ -const char *fgValidatePath (const char *path, bool write); +std::string fgValidatePath(const SGPath& path, bool write); std::string fgValidatePath(const std::string& path, bool write); /** diff --git a/src/Scripting/NasalSys.cxx b/src/Scripting/NasalSys.cxx index 49cf79a36..1fc511a50 100644 --- a/src/Scripting/NasalSys.cxx +++ b/src/Scripting/NasalSys.cxx @@ -703,22 +703,22 @@ static naRef f_parsexml(naContext c, naRef me, int argc, naRef* args) if(!(naIsNil(args[i]) || naIsFunc(args[i]))) naRuntimeError(c, "parsexml(): callback argument not a function"); - const char* file = fgValidatePath(naStr_data(args[0]), false); - if(!file) { + std::string file = fgValidatePath(naStr_data(args[0]), false); + if(file.empty()) { naRuntimeError(c, "parsexml(): reading '%s' denied " "(unauthorized access)", naStr_data(args[0])); return naNil(); } - std::ifstream input(file); + std::ifstream input(file.c_str()); NasalXMLVisitor visitor(c, argc, args); try { readXML(input, visitor); } catch (const sg_exception& e) { naRuntimeError(c, "parsexml(): file '%s' %s", - file, e.getFormattedMessage().c_str()); + file.c_str(), e.getFormattedMessage().c_str()); return naNil(); } - return naStr_fromdata(naNewString(c), const_cast(file), strlen(file)); + return naStr_fromdata(naNewString(c), file.c_str(), file.length()); } /**