summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorqwang12 <qwang12@6f19259b-4bc3-4df7-8a09-765794883524>2008-04-01 12:35:56 +0000
committerqwang12 <qwang12@6f19259b-4bc3-4df7-8a09-765794883524>2008-04-01 12:35:56 +0000
commit4d3840844d284538dbc9f9005f63f05ea15fc7d0 (patch)
treefb132e71b2261c0446c286a2a814775d36d4e2d4
parentf100bb0983793e914a6212c94b669404b1087e07 (diff)
downloadedk2-platforms-4d3840844d284538dbc9f9005f63f05ea15fc7d0.tar.xz
In this fix, WinNtSimpleFileSystemOpen only trims the leading and trailing blank space in the input FileName. The previous implementation before this fix trims all the trailing dots including the case for ".\..", which should move the directory up one level.
A new function IsFileNameValid is added to check if input FileName is valid. If the FileName meets the following scenirio, it will be considered to be invalid: 1) There is two "\" in the path. For example, ".\SomePath\\". 2) There is a least one "/" in the path. The reason is that UEFI 2.1 specifcation only mention that ".", ".." and "\" is valid path modifiers. 3) There is more than two continous dots in the path name token. For example, ".\SomePath\....\SomeName.txt". git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@4973 6f19259b-4bc3-4df7-8a09-765794883524
-rw-r--r--Nt32Pkg/WinNtSimpleFileSystemDxe/WinNtSimpleFileSystem.c163
1 files changed, 159 insertions, 4 deletions
diff --git a/Nt32Pkg/WinNtSimpleFileSystemDxe/WinNtSimpleFileSystem.c b/Nt32Pkg/WinNtSimpleFileSystemDxe/WinNtSimpleFileSystem.c
index 490d32a892..2e3588e34c 100644
--- a/Nt32Pkg/WinNtSimpleFileSystemDxe/WinNtSimpleFileSystem.c
+++ b/Nt32Pkg/WinNtSimpleFileSystemDxe/WinNtSimpleFileSystem.c
@@ -1,6 +1,6 @@
/**@file
-Copyright (c) 2006 - 2007, Intel Corporation
+Copyright (c) 2006 - 2008, Intel Corporation
All rights reserved. This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -617,6 +617,156 @@ Done:
return Status;
}
+/**
+ Count the number of Leading Dot in FileNameToken.
+
+ @param FileNameToken A string representing a token in the path name.
+
+ @return UINTN The number of leading dot in the name.
+
+**/
+UINTN
+CountLeadingDots (
+ IN CONST CHAR16 * FileNameToken
+ )
+{
+ UINTN Num;
+
+ Num = 0;
+ while (*FileNameToken == L'.') {
+ Num++;
+ FileNameToken++;
+ }
+
+ return Num;
+}
+
+BOOLEAN
+IsFileNameTokenValid (
+ IN CONST CHAR16 * FileNameToken
+ )
+{
+ UINTN Num;
+ if (StrStr (FileNameToken, L"/") != NULL) {
+ //
+ // No L'/' in file name.
+ //
+ return FALSE;
+ } else {
+ //
+ // If Token has all dot, the number should not exceed 2
+ //
+ Num = CountLeadingDots (FileNameToken);
+
+ if (Num == StrLen (FileNameToken)) {
+ //
+ // If the FileNameToken only contains a number of L'.'.
+ //
+ if (Num > 2) {
+ return FALSE;
+ }
+ }
+ }
+
+ return TRUE;
+}
+
+/**
+ Return the first string token found in the indirect pointer a String named by FileName.
+
+ On input, FileName is a indirect pointer pointing to a String.
+ On output, FileName is a updated to point to the next character after the first
+ found L"\" or NULL if there is no L"\" found.
+
+ @param FileName A indirect pointer pointing to a FileName.
+
+ @return Token The first string token found before a L"\".
+
+**/
+CHAR16 *
+GetNextFileNameToken (
+ IN OUT CONST CHAR16 ** FileName
+ )
+{
+ CHAR16 *SlashPos;
+ CHAR16 *Token;
+ UINTN Offset;
+ ASSERT (**FileName != L'\\');
+ ASSERT (**FileName != L'\0');
+
+ SlashPos = StrStr (*FileName, L"\\");
+ if (SlashPos == NULL) {
+ Token = AllocateCopyPool (StrSize(*FileName), *FileName);
+ *FileName = NULL;
+ } else {
+ Offset = SlashPos - *FileName;
+ Token = AllocateZeroPool ((Offset + 1) * sizeof (CHAR16));
+ StrnCpy (Token, *FileName, Offset);
+ //
+ // Point *FileName to the next character after L'\'.
+ //
+ *FileName = *FileName + Offset + 1;
+ }
+
+ return Token;
+}
+
+/**
+ Check if a FileName contains only Valid Characters.
+
+ If FileName contains only a single L'\', return TRUE.
+ If FileName contains two adjacent L'\', return FALSE.
+ If FileName conatins L'/' , return FALSE.
+ If FielName contains more than two dots seperated with other FileName characters
+ by L'\', return FALSE. For example, L'.\...\filename.txt' is invalid path name. But L'..TwoDots\filename.txt' is valid path name.
+
+ @param FileName The File Name String to check.
+
+ @return TRUE FileName only contains valid characters.
+ @return FALSE FileName contains at least one invalid character.
+
+**/
+
+BOOLEAN
+IsFileNameValid (
+ IN CONST CHAR16 *FileName
+ )
+{
+ CHAR16 *Token;
+ BOOLEAN Valid;
+
+ //
+ // If FileName is just L'\', then it is a valid pathname.
+ //
+ if (StrCmp (FileName, L"\\") == 0) {
+ return TRUE;
+ }
+ //
+ // We don't support two or more adjacent L'\'.
+ //
+ if (StrStr (FileName, L"\\\\") != NULL) {
+ return FALSE;
+ }
+
+ //
+ // Is FileName has a leading L"\", skip to next character.
+ //
+ if (FileName [0] == L'\\') {
+ FileName++;
+ }
+
+ do {
+ Token = GetNextFileNameToken (&FileName);
+ Valid = IsFileNameTokenValid (Token);
+ FreePool (Token);
+
+ if (!Valid)
+ return FALSE;
+ } while (FileName != NULL);
+
+ return TRUE;
+}
+
EFI_STATUS
EFIAPI
WinNtSimpleFileSystemOpen (
@@ -634,7 +784,7 @@ Routine Description:
Arguments:
- This - A pointer to the source file location.
+ This - A pointer to the seource file location.
NewHandle - Pointer to storage for the new file handle.
@@ -767,10 +917,10 @@ OpenRoot:
}
CutPrefix (FileName, Count);
//
- // Trim trailing dots and blanks
+ // Trim trailing blanks
//
for (TempFileName = FileName + StrLen (FileName) - 1;
- TempFileName >= FileName && (*TempFileName == L' ' || *TempFileName == L'.');
+ TempFileName >= FileName && (*TempFileName == L' ');
TempFileName--) {
;
}
@@ -821,6 +971,11 @@ OpenRoot:
}
}
+ if (!IsFileNameValid (NewPrivateFile->FileName)) {
+ Status = EFI_NOT_FOUND;
+ goto Done;
+ }
+
//
// Get rid of . and .., except leading . or ..
//