String absolute(const String &path, bool writable) { if (path.empty()) { return ""; } if (path.front() == '%') { if (path.compare(0, "%CACHE%"_len, "%CACHE%") == 0) { return filesystem::cachesPath(path.substr(7), true); } else if (path.compare(0, "%DOCUMENTS%"_len, "%DOCUMENTS%") == 0) { return filesystem::documentsPath(path.substr(11), true); } else if (path.compare(0, "%WRITEABLE%"_len, "%WRITEABLE%") == 0) { return filesystem::writablePath(path.substr(11), true); } else if (path.compare(0, "%CURRENT%"_len, "%CURRENT%") == 0) { return filesystem::currentDir(path.substr(9), true); } else if (path.compare(0, "%PLATFORM%:"_len, "%PLATFORM%:") == 0) { return path; } } if (isAbsolute(path)) { return validatePath(path)?path:reconstructPath(path); } if (!writable && !isAboveRoot(path)) { if (validatePath(path)) { return platform::filesystem::_exists(path)?path:filesystem::writablePath(path); } else { auto ret = reconstructPath(path); return platform::filesystem::_exists(ret)?ret:filesystem::writablePath(ret); } } return validatePath(path)?filesystem::writablePath(path):reconstructPath(filesystem::writablePath(path)); }
bool Downloader::openDownloadFile(QString filename) { // Check destination path exists if (!validatePath()) return false; // Get filename from url if not given as parameter QFileInfo fileInfo(url->path()); if (filename.isEmpty()) filename = fileInfo.fileName(); // Create full filename QString full_filename = (boost::filesystem::path(destination) / filename.toStdString()).string().c_str(); LOG("Downloading to " << full_filename.toStdString()); // Remove existing file if (QFile::exists(full_filename)) { if (!CONFIG.overwrite()) {//overwrite check LOG("File exists. not overwriting"); return false; } QFile::remove(full_filename); } file = new QFile(full_filename, this); // Open local file for writing. if (!file->open(QIODevice::Truncate|QIODevice::WriteOnly)) { DELETELATER(file); return false; } emit currentDownloadFilename(filename); return true; }
bool UploadInfoPage::validateInput() { if (!m_tbItemFile) return false; bool state = true; if (!validatePath(m_tbItemFile, TYPE_FILE)) state = false; m_butUpload->Enable( state ); return state; };
int main(int argc, char **argv) { struct Buffer_charp rpaths; struct Buffer_char options; char *wpath = NULL, *arg; char *envpaths; int i, j, argi, tmpi; unsigned long mountflags = 0; int allowclear = 0, clear = 0, userwpath = 1; INIT_BUFFER(rpaths); WRITE_ONE_BUFFER(rpaths, NULL); /* filled in by forced dir later */ /* get all the paths out of the environment */ envpaths = getenv(PATHENV); if (envpaths && envpaths[0]) { char *saveptr; arg = strtok_r(envpaths, ":", &saveptr); while (arg) { WRITE_ONE_BUFFER(rpaths, arg); arg = strtok_r(NULL, ":", &saveptr); } } /* get all the paths out of the args */ for (argi = 1; argi < argc; argi++) { arg = argv[argi]; if (arg[0] == '-') { if (!strcmp(arg, "-w") && argi < argc - 1) { argi++; wpath = argv[argi]; } else if (!strcmp(arg, "-r")) { /* reset current paths (ignore environment) */ rpaths.bufused = 1; allowclear = 1; } else if (!strcmp(arg, "--") && argi < argc - 1) { argi++; break; } else { fprintf(stderr, "Unrecognized option %s\n", arg); } } else { WRITE_ONE_BUFFER(rpaths, arg); } } if (argi >= argc) { if (getuid() != geteuid()) { fprintf(stderr, "Only root may remount an existing view\n"); return 1; } mountflags |= MS_REMOUNT; } /* validate all our paths */ for (i = 1; i < rpaths.bufused; i++) { validatePath(&rpaths.buf[i]); } validatePath(&wpath); rpaths.buf[0] = FORCEDIR; if (!wpath) { wpath = DEFAULTWRITEDIR; userwpath = 0; } /* make sure there are no duplicates */ for (i = 1; i < rpaths.bufused; i++) { if (!rpaths.buf[i]) continue; if (!strcmp(rpaths.buf[i], wpath)) { rpaths.buf[i] = NULL; continue; } for (j = 0; j < i; j++) { if (rpaths.buf[j] && !strcmp(rpaths.buf[i], rpaths.buf[j])) { rpaths.buf[i] = NULL; break; } } } /* are we trying to clear /usr? */ if (rpaths.bufused == 1) { /* no options = unmount all */ if (!allowclear) { fprintf(stderr, "To explicitly clear all /usr mounts, -r must be specified\n"); return 1; } clear = 1; } /* perform the mount */ if (!(mountflags & MS_REMOUNT)) SF(tmpi, unshare, -1, (CLONE_NEWNS)); if (clear) { do { tmpi = umount("/usr"); } while (tmpi == 0); if (errno != EINVAL) perror("/usr"); } else { /* first mount */ INIT_BUFFER(options); WRITE_STR_BUFFER(options, "br:"); WRITE_BUFFER(options, wpath, strlen(wpath) + 1); tmpi = mount("none", BASE, "aufs", mountflags, options.buf); if (tmpi == -1 && (mountflags & MS_REMOUNT)) { /* OK, we tried to remount, maybe it just wasn't mounted though */ mountflags &= ~(MS_REMOUNT); tmpi = mount("none", BASE, "aufs", mountflags, options.buf); } /* remaining mounts */ for (i = 0; tmpi != -1 && i < rpaths.bufused; i++) { if (!rpaths.buf[i]) continue; options.bufused = 0; WRITE_STR_BUFFER(options, "append:"); WRITE_BUFFER(options, rpaths.buf[i], strlen(rpaths.buf[i])); if (!userwpath) WRITE_STR_BUFFER(options, "=rw"); WRITE_STR_BUFFER(options, "\0"); tmpi = mount("none", BASE, "aufs", mountflags|MS_REMOUNT, options.buf); } if (tmpi == -1) { perror("mount"); return 1; } } /* drop privs */ SF(tmpi, setuid, -1, (getuid())); SF(tmpi, setgid, -1, (getgid())); /* free our mount options */ FREE_BUFFER(options); /* add it to the environment */ INIT_BUFFER(options); for (i = 0; i < rpaths.bufused; i++) { arg = rpaths.buf[i]; if (arg) { if (options.bufused) WRITE_STR_BUFFER(options, ":"); WRITE_BUFFER(options, arg, strlen(arg)); } } WRITE_STR_BUFFER(options, "\0"); SF(tmpi, setenv, -1, (PATHENV, options.buf, 1)); FREE_BUFFER(options); if (userwpath) { SF(tmpi, setenv, -1, (WRITEENV, wpath, 1)); } else { SF(tmpi, unsetenv, -1, (WRITEENV)); } /* then run it */ if (argi < argc) { execvp(argv[argi], argv + argi); fprintf(stderr, "[usrview] "); perror(argv[argi]); return 1; } else { return 0; } }
void createResponse(bufferevent *pBufferEvent) { struct evbuffer* pInputBuffer = bufferevent_get_input(pBufferEvent); struct evbuffer* pOutputBuffer = bufferevent_get_output(pBufferEvent); char *line; size_t size = 0; line = evbuffer_readln(pInputBuffer, &size, EVBUFFER_EOL_CRLF); std::string Request = std::string(line); //std::cout << Request << "\n"; //read method and path size_t nMethodEnd = Request.find(" "); std::string sMethod = std::string(Request, 0, nMethodEnd); //std::cout << sMethod << "\n"; size_t nPathEnd = Request.find(" ", nMethodEnd+1); std::string sRawPath = std::string(Request, nMethodEnd+1, nPathEnd-nMethodEnd-1); //std::cout << sRawPath << "\n"; size_t nDelimPos = sRawPath.find('?'); std::string sHalfRawPath = sRawPath.substr(0, nDelimPos); //std::cout << sHalfRawPath << "\n"; char* sTempPath = new char[sHalfRawPath.length()+1]; // at most the same size + term\0 urlDecode(sTempPath, sHalfRawPath.c_str()); std::string sPath = std::string(sTempPath); //std::cout << sPath << "\n"; if (Request.find(" ", nPathEnd+1) != std::string::npos) { // extra spaces in request //std::cout << "ERROR: extra spaces\n"; writeHeader(pOutputBuffer, STATUS_BAD_REQUEST, TYPE_HTML, MASSAGE_LENGTH_BAD_REQUEST); evbuffer_add(pOutputBuffer, MASSAGE_BAD_REQUEST, MASSAGE_LENGTH_BAD_REQUEST); return; } //Validate path if(!validatePath(sPath)) { //std::cout << "Warning: forbidden path\n"; writeHeader(pOutputBuffer, STATUS_FORBIDDEN, TYPE_HTML, MASSAGE_LENGTH_FORBIDDEN); evbuffer_add(pOutputBuffer, MASSAGE_FORBIDDEN, MASSAGE_LENGTH_FORBIDDEN); return; } //std::cout << "Ok: path ok\n"; //find target file std::string sRealPath = std::string(DOCUMENT_ROOT); sRealPath.append(std::string(sPath)); bool bIndex = false; if (sRealPath[sRealPath.length()-1] == '/') { //std::cout << "Ok: index\n"; sRealPath.append("index.html"); bIndex = true; } int fFile = open(sRealPath.c_str(), O_NONBLOCK|O_RDONLY); if (fFile == -1) { //std::cout << "Warning: file not opened\n"; if (bIndex) { writeHeader(pOutputBuffer, STATUS_FORBIDDEN, TYPE_HTML, MASSAGE_LENGTH_FORBIDDEN); evbuffer_add(pOutputBuffer, MASSAGE_FORBIDDEN, MASSAGE_LENGTH_FORBIDDEN); } else { writeHeader(pOutputBuffer, STATUS_NOT_FOUND, TYPE_HTML, MASSAGE_LENGTH_NOT_FOUND); evbuffer_add(pOutputBuffer, MASSAGE_NOT_FOUND, MASSAGE_LENGTH_NOT_FOUND); } return; } //std::cout << "Ok: file opened\n"; struct stat FileStats; fstat(fFile, &FileStats); if(!strcmp(sMethod.c_str(), METHOD_GET)) { //std::cout << "Ok: method \"get\"\n"; writeHeader(pOutputBuffer, STATUS_OK, getContentType(sRealPath), FileStats.st_size); evbuffer_add_file(pOutputBuffer, fFile, 0, FileStats.st_size); } else if(!strcmp(sMethod.c_str(), METHOD_HEAD)){ //std::cout << "Ok: method \"head\"\n"; // ctime gives only /n so we'll add proper CRLF writeHeader(pOutputBuffer, STATUS_OK, getContentType(sRealPath), FileStats.st_size); evbuffer_add(pOutputBuffer, CRLF, 2); } else { writeHeader(pOutputBuffer, STATUS_BAD_REQUEST, TYPE_HTML, MASSAGE_LENGTH_BAD_REQUEST); evbuffer_add(pOutputBuffer, MASSAGE_BAD_REQUEST, MASSAGE_LENGTH_BAD_REQUEST); } return; }