Skip to content

Commit

Permalink
add some recrusive detection/prevention
Browse files Browse the repository at this point in the history
Signed-off-by: Robin Appelman <robin@icewind.nl>
  • Loading branch information
icewind1991 authored and skjnldsv committed Feb 23, 2024
1 parent b0b4c7e commit e97578b
Show file tree
Hide file tree
Showing 2 changed files with 27 additions and 3 deletions.
19 changes: 16 additions & 3 deletions apps/files_sharing/lib/SharedStorage.php
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,7 @@
use OC\Files\Storage\FailedStorage;
use OC\Files\Storage\Home;
use OC\Files\Storage\Wrapper\PermissionsMask;
use OC\Files\Storage\Wrapper\Wrapper;
use OC\User\NoUserException;
use OCA\Files_External\Config\ExternalMountPoint;
use OCP\Constants;
Expand Down Expand Up @@ -96,6 +97,8 @@ class SharedStorage extends \OC\Files\Storage\Wrapper\Jail implements ISharedSto

private string $sourcePath = '';

static private int $initDepth = 0;

public function __construct($arguments) {
$this->ownerView = $arguments['ownerView'];
$this->logger = \OC::$server->get(LoggerInterface::class);
Expand Down Expand Up @@ -135,8 +138,15 @@ private function init() {
if ($this->initialized) {
return;
}

$this->initialized = true;
self::$initDepth++;

try {
if (self::$initDepth > 10) {
throw new \Exception("Maximum share depth reached");
}

/** @var IRootFolder $rootFolder */
$rootFolder = \OC::$server->get(IRootFolder::class);
$this->ownerUserFolder = $rootFolder->getUserFolder($this->superShare->getShareOwner());
Expand All @@ -149,6 +159,9 @@ private function init() {
$this->cache = new FailedCache();
$this->rootPath = '';
} else {
if ($this->nonMaskedStorage instanceof Wrapper && $this->nonMaskedStorage->isWrapperOf($this)) {
throw new \Exception('recursive share detected');
}
$this->nonMaskedStorage = $ownerNode->getStorage();
$this->sourcePath = $ownerNode->getPath();
$this->rootPath = $ownerNode->getInternalPath();
Expand Down Expand Up @@ -177,6 +190,7 @@ private function init() {
if (!$this->nonMaskedStorage) {
$this->nonMaskedStorage = $this->storage;
}
self::$initDepth--;
}

/**
Expand Down Expand Up @@ -410,11 +424,10 @@ public function getCache($path = '', $storage = null) {
return new FailedCache();
}

$this->cache = new Cache(
$this->cache = new \OCA\Files_Sharing\Cache(

Check failure on line 427 in apps/files_sharing/lib/SharedStorage.php

View workflow job for this annotation

GitHub Actions / static-code-analysis

TooFewArguments

apps/files_sharing/lib/SharedStorage.php:427:18: TooFewArguments: Too few arguments for OCA\Files_Sharing\Cache::__construct - expecting share to be passed (see https://psalm.dev/025)
$storage,
$sourceRoot,
\OC::$server->get(CacheDependencies::class),
$this->getShare()
\OC::$server->get(DisplayNameCache::class)

Check failure on line 430 in apps/files_sharing/lib/SharedStorage.php

View workflow job for this annotation

GitHub Actions / static-code-analysis

UndefinedClass

apps/files_sharing/lib/SharedStorage.php:430:22: UndefinedClass: Class, interface or enum named OCA\Files_Sharing\DisplayNameCache does not exist (see https://psalm.dev/019)

Check failure

Code scanning / Psalm

UndefinedClass Error

Class, interface or enum named OCA\Files_Sharing\DisplayNameCache does not exist
);

Check failure

Code scanning / Psalm

TooFewArguments Error

Too few arguments for OCA\Files_Sharing\Cache::__construct - expecting share to be passed
return $this->cache;
}
Expand Down
11 changes: 11 additions & 0 deletions lib/private/Files/Storage/Wrapper/Wrapper.php
Original file line number Diff line number Diff line change
Expand Up @@ -654,4 +654,15 @@ public function writeStream(string $path, $stream, int $size = null): int {
public function getDirectoryContent($directory): \Traversable {
return $this->getWrapperStorage()->getDirectoryContent($directory);
}

public function isWrapperOf(IStorage $storage) {
$wrapped = $this->getWrapperStorage();
if ($wrapped === $storage) {
return true;
}
if ($wrapped instanceof Wrapper) {
return $wrapped->isWrapperOf($storage);
}
return false;
}
}

0 comments on commit e97578b

Please sign in to comment.