From 97f235173e5651998516ee048f63ac6a20df99db Mon Sep 17 00:00:00 2001 From: "Rebecca N. Palmer" Date: Sun, 22 Nov 2015 11:03:00 +0000 Subject: [PATCH] fgValidatePath: documentation improvements --- src/Main/util.cxx | 21 +++++++++++++-------- src/Main/util.hxx | 7 ++++++- 2 files changed, 19 insertions(+), 9 deletions(-) diff --git a/src/Main/util.cxx b/src/Main/util.cxx index 286396784..65983ce04 100644 --- a/src/Main/util.cxx +++ b/src/Main/util.cxx @@ -75,10 +75,12 @@ fgGetLowPass (double current, double target, double timeratio) static string_list read_allowed_paths; static string_list write_allowed_paths; -// Allowed paths here are absolute, and may contain _one_ *, -// which matches any string -// FG_SCENERY is deliberately not allowed, as it would make -// /sim/terrasync/scenery-dir a security hole +/** + * Allowed paths here are absolute, and may contain _one_ *, + * which matches any string + * FG_SCENERY is deliberately not allowed, as it would make + * /sim/terrasync/scenery-dir a security hole + */ void fgInitAllowedPaths() { if(SGPath("ygjmyfvhhnvdoesnotexist").realpath() == "ygjmyfvhhnvdoesnotexist"){ @@ -142,10 +144,13 @@ void fgInitAllowedPaths() } } -// Check whether Nasal is allowed to access a path -// Warning: because this always (not just on Windows) converts \ to /, -// and accepts relative paths (check-to-use race if the current directory -// changes), always use the returned path not the original one +/** + * Check whether Nasal is allowed to access a path + * Warning: because this always (not just on Windows) treats both \ and / + * as path separators, and accepts relative paths (check-to-use race if + * the current directory changes), + * always use the returned path not the original one + */ std::string fgValidatePath (const std::string& path, bool write) { // Normalize the path (prevents ../../.. or symlink trickery) diff --git a/src/Main/util.hxx b/src/Main/util.hxx index 133f1526e..f078d0fdb 100644 --- a/src/Main/util.hxx +++ b/src/Main/util.hxx @@ -40,7 +40,12 @@ double fgGetLowPass (double current, double target, double timeratio); * File access control, used by Nasal and fgcommands. * @param path Path to be validated * @param write True for write operations and false for read operations. - * @return The validated path on success or 0 if access denied. + * @return The validated path on success or empty if access denied. + * + * Warning: because this always (not just on Windows) treats both \ and / + * as path separators, and accepts relative paths (check-to-use race if + * the current directory changes), + * always use the returned path not the original one */ std::string fgValidatePath(const SGPath& path, bool write); std::string fgValidatePath(const std::string& path, bool write); -- 2.39.5