From ec3639dc7a28348b136d2008e692cffe8c3753ad Mon Sep 17 00:00:00 2001
From: Arthur Schiwon <blizzz@owncloud.com>
Date: Wed, 4 Sep 2013 13:06:04 +0200
Subject: [PATCH] Always check variable type before using readdir to avoid
surprises
---
apps/files_external/lib/amazons3.php | 39 ++++++++++++++++------------
apps/files_external/lib/google.php | 12 +++++----
apps/files_external/lib/irods.php | 14 +++++-----
apps/files_external/lib/smb.php | 12 +++++----
apps/files_trashbin/index.php | 31 +++++++++++-----------
lib/app.php | 14 +++++-----
lib/archive.php | 3 ++-
lib/cache/file.php | 11 +++++---
lib/cache/fileglobal.php | 20 ++++++++------
lib/connector/sabre/objecttree.php | 8 +++---
lib/files/cache/scanner.php | 28 ++++++++++----------
lib/files/storage/common.php | 21 ++++++++-------
lib/files/view.php | 8 +++---
lib/installer.php | 10 ++++---
14 files changed, 133 insertions(+), 98 deletions(-)
diff --git a/apps/files_external/lib/amazons3.php b/apps/files_external/lib/amazons3.php
index 2d7bcd4ac37..c08a266b48c 100644
--- a/apps/files_external/lib/amazons3.php
+++ b/apps/files_external/lib/amazons3.php
@@ -183,17 +183,20 @@ class AmazonS3 extends \OC\Files\Storage\Common {
}
$dh = $this->opendir($path);
- while (($file = readdir($dh)) !== false) {
- if ($file === '.' || $file === '..') {
- continue;
- }
- if ($this->is_dir($path . '/' . $file)) {
- $this->rmdir($path . '/' . $file);
- } else {
- $this->unlink($path . '/' . $file);
+ if(is_resource($dh)) {
+ while (($file = readdir($dh)) !== false) {
+ if ($file === '.' || $file === '..') {
+ continue;
+ }
+
+ if ($this->is_dir($path . '/' . $file)) {
+ $this->rmdir($path . '/' . $file);
+ } else {
+ $this->unlink($path . '/' . $file);
+ }
}
- }
+ }
try {
$result = $this->connection->deleteObject(array(
@@ -464,15 +467,17 @@ class AmazonS3 extends \OC\Files\Storage\Common {
}
$dh = $this->opendir($path1);
- while (($file = readdir($dh)) !== false) {
- if ($file === '.' || $file === '..') {
- continue;
+ if(is_resource($dh)) {
+ while (($file = readdir($dh)) !== false) {
+ if ($file === '.' || $file === '..') {
+ continue;
+ }
+
+ $source = $path1 . '/' . $file;
+ $target = $path2 . '/' . $file;
+ $this->copy($source, $target);
}
-
- $source = $path1 . '/' . $file;
- $target = $path2 . '/' . $file;
- $this->copy($source, $target);
- }
+ }
}
return true;
diff --git a/apps/files_external/lib/google.php b/apps/files_external/lib/google.php
index 215bdcda6c2..b63b5885de1 100644
--- a/apps/files_external/lib/google.php
+++ b/apps/files_external/lib/google.php
@@ -206,14 +206,16 @@ class Google extends \OC\Files\Storage\Common {
public function rmdir($path) {
if (trim($path, '/') === '') {
$dir = $this->opendir($path);
- while (($file = readdir($dh)) !== false) {
- if (!\OC\Files\Filesystem::isIgnoredDir($file)) {
- if (!$this->unlink($path.'/'.$file)) {
- return false;
+ if(is_resource($dir)) {
+ while (($file = readdir($dir)) !== false) {
+ if (!\OC\Files\Filesystem::isIgnoredDir($file)) {
+ if (!$this->unlink($path.'/'.$file)) {
+ return false;
+ }
}
}
+ closedir($dir);
}
- closedir($dir);
$this->driveFiles = array();
return true;
} else {
diff --git a/apps/files_external/lib/irods.php b/apps/files_external/lib/irods.php
index 7ec3b3a0cfc..f7279a6c5d2 100644
--- a/apps/files_external/lib/irods.php
+++ b/apps/files_external/lib/irods.php
@@ -55,7 +55,7 @@ class iRODS extends \OC\Files\Storage\StreamWrapper{
} else {
throw new \Exception();
}
-
+
}
public static function login( $params ) {
@@ -137,11 +137,13 @@ class iRODS extends \OC\Files\Storage\StreamWrapper{
private function collectionMTime($path) {
$dh = $this->opendir($path);
$lastCTime = $this->filemtime($path);
- while (($file = readdir($dh)) !== false) {
- if ($file != '.' and $file != '..') {
- $time = $this->filemtime($file);
- if ($time > $lastCTime) {
- $lastCTime = $time;
+ if(is_resource($dh)) {
+ while (($file = readdir($dh)) !== false) {
+ if ($file != '.' and $file != '..') {
+ $time = $this->filemtime($file);
+ if ($time > $lastCTime) {
+ $lastCTime = $time;
+ }
}
}
}
diff --git a/apps/files_external/lib/smb.php b/apps/files_external/lib/smb.php
index 8e7a28fba1a..ecd4dae0484 100644
--- a/apps/files_external/lib/smb.php
+++ b/apps/files_external/lib/smb.php
@@ -99,11 +99,13 @@ class SMB extends \OC\Files\Storage\StreamWrapper{
private function shareMTime() {
$dh=$this->opendir('');
$lastCtime=0;
- while (($file = readdir($dh)) !== false) {
- if ($file!='.' and $file!='..') {
- $ctime=$this->filemtime($file);
- if ($ctime>$lastCtime) {
- $lastCtime=$ctime;
+ if(is_resource($dh)) {
+ while (($file = readdir($dh)) !== false) {
+ if ($file!='.' and $file!='..') {
+ $ctime=$this->filemtime($file);
+ if ($ctime>$lastCtime) {
+ $lastCtime=$ctime;
+ }
}
}
}
diff --git a/apps/files_trashbin/index.php b/apps/files_trashbin/index.php
index 0baeab1de97..0dd6944281c 100644
--- a/apps/files_trashbin/index.php
+++ b/apps/files_trashbin/index.php
@@ -23,23 +23,24 @@ if ($dir) {
$dirlisting = true;
$dirContent = $view->opendir($dir);
$i = 0;
- while(($entryName = readdir($dirContent)) !== false) {
- if (!\OC\Files\Filesystem::isIgnoredDir($entryName)) {
- $pos = strpos($dir.'/', '/', 1);
- $tmp = substr($dir, 0, $pos);
- $pos = strrpos($tmp, '.d');
- $timestamp = substr($tmp, $pos+2);
- $result[] = array(
- 'id' => $entryName,
- 'timestamp' => $timestamp,
- 'mime' => $view->getMimeType($dir.'/'.$entryName),
- 'type' => $view->is_dir($dir.'/'.$entryName) ? 'dir' : 'file',
- 'location' => $dir,
- );
+ if(is_resource($dirContent)) {
+ while(($entryName = readdir($dirContent)) !== false) {
+ if (!\OC\Files\Filesystem::isIgnoredDir($entryName)) {
+ $pos = strpos($dir.'/', '/', 1);
+ $tmp = substr($dir, 0, $pos);
+ $pos = strrpos($tmp, '.d');
+ $timestamp = substr($tmp, $pos+2);
+ $result[] = array(
+ 'id' => $entryName,
+ 'timestamp' => $timestamp,
+ 'mime' => $view->getMimeType($dir.'/'.$entryName),
+ 'type' => $view->is_dir($dir.'/'.$entryName) ? 'dir' : 'file',
+ 'location' => $dir,
+ );
+ }
}
+ closedir($dirContent);
}
- closedir($dirContent);
-
} else {
$dirlisting = false;
$query = \OC_DB::prepare('SELECT `id`,`location`,`timestamp`,`type`,`mime` FROM `*PREFIX*files_trash` WHERE `user` = ?');
diff --git a/lib/app.php b/lib/app.php
index 1a0a7e6f9a9..d98af2dc296 100644
--- a/lib/app.php
+++ b/lib/app.php
@@ -667,14 +667,16 @@ class OC_App{
}
$dh = opendir( $apps_dir['path'] );
- while (($file = readdir($dh)) !== false) {
+ if(is_resource($dh)) {
+ while (($file = readdir($dh)) !== false) {
- if ($file[0] != '.' and is_file($apps_dir['path'].'/'.$file.'/appinfo/app.php')) {
+ if ($file[0] != '.' and is_file($apps_dir['path'].'/'.$file.'/appinfo/app.php')) {
- $apps[] = $file;
+ $apps[] = $file;
- }
+ }
+ }
}
}
@@ -868,10 +870,10 @@ class OC_App{
/**
- * Compares the app version with the owncloud version to see if the app
+ * Compares the app version with the owncloud version to see if the app
* requires a newer version than the currently active one
* @param array $owncloudVersions array with 3 entries: major minor bugfix
- * @param string $appRequired the required version from the xml
+ * @param string $appRequired the required version from the xml
* major.minor.bugfix
* @return boolean true if compatible, otherwise false
*/
diff --git a/lib/archive.php b/lib/archive.php
index 364cd5a74a1..85bfae57295 100644
--- a/lib/archive.php
+++ b/lib/archive.php
@@ -119,7 +119,8 @@ abstract class OC_Archive{
* @return bool
*/
function addRecursive($path, $source) {
- if($dh=opendir($source)) {
+ $dh = opendir($source);
+ if(is_resource($dh)) {
$this->addFolder($path);
while (($file = readdir($dh)) !== false) {
if($file=='.' or $file=='..') {
diff --git a/lib/cache/file.php b/lib/cache/file.php
index 9fee6034a71..361138e4736 100644
--- a/lib/cache/file.php
+++ b/lib/cache/file.php
@@ -80,9 +80,11 @@ class OC_Cache_File{
$storage = $this->getStorage();
if($storage and $storage->is_dir('/')) {
$dh=$storage->opendir('/');
- while (($file = readdir($dh)) !== false) {
- if($file!='.' and $file!='..' and ($prefix==='' || strpos($file, $prefix) === 0)) {
- $storage->unlink('/'.$file);
+ if(is_resource($dh)) {
+ while (($file = readdir($dh)) !== false) {
+ if($file!='.' and $file!='..' and ($prefix==='' || strpos($file, $prefix) === 0)) {
+ $storage->unlink('/'.$file);
+ }
}
}
}
@@ -94,6 +96,9 @@ class OC_Cache_File{
if($storage and $storage->is_dir('/')) {
$now = time();
$dh=$storage->opendir('/');
+ if(!is_resource($dh)) {
+ return null;
+ }
while (($file = readdir($dh)) !== false) {
if($file!='.' and $file!='..') {
$mtime = $storage->filemtime('/'.$file);
diff --git a/lib/cache/fileglobal.php b/lib/cache/fileglobal.php
index 2fbd8ca3edb..c0bd8e45f39 100644
--- a/lib/cache/fileglobal.php
+++ b/lib/cache/fileglobal.php
@@ -69,9 +69,11 @@ class OC_Cache_FileGlobal{
$prefix = $this->fixKey($prefix);
if($cache_dir and is_dir($cache_dir)) {
$dh=opendir($cache_dir);
- while (($file = readdir($dh)) !== false) {
- if($file!='.' and $file!='..' and ($prefix==='' || strpos($file, $prefix) === 0)) {
- unlink($cache_dir.$file);
+ if(is_resource($dh)) {
+ while (($file = readdir($dh)) !== false) {
+ if($file!='.' and $file!='..' and ($prefix==='' || strpos($file, $prefix) === 0)) {
+ unlink($cache_dir.$file);
+ }
}
}
}
@@ -88,11 +90,13 @@ class OC_Cache_FileGlobal{
$cache_dir = self::getCacheDir();
if($cache_dir and is_dir($cache_dir)) {
$dh=opendir($cache_dir);
- while (($file = readdir($dh)) !== false) {
- if($file!='.' and $file!='..') {
- $mtime = filemtime($cache_dir.$file);
- if ($mtime < $now) {
- unlink($cache_dir.$file);
+ if(is_resource($dh)) {
+ while (($file = readdir($dh)) !== false) {
+ if($file!='.' and $file!='..') {
+ $mtime = filemtime($cache_dir.$file);
+ if ($mtime < $now) {
+ unlink($cache_dir.$file);
+ }
}
}
}
diff --git a/lib/connector/sabre/objecttree.php b/lib/connector/sabre/objecttree.php
index b298813a202..acff45ed5e2 100644
--- a/lib/connector/sabre/objecttree.php
+++ b/lib/connector/sabre/objecttree.php
@@ -88,11 +88,13 @@ class ObjectTree extends \Sabre_DAV_ObjectTree {
} else {
Filesystem::mkdir($destination);
$dh = Filesystem::opendir($source);
- while (($subnode = readdir($dh)) !== false) {
+ if(is_resource($dh)) {
+ while (($subnode = readdir($dh)) !== false) {
- if ($subnode == '.' || $subnode == '..') continue;
- $this->copy($source . '/' . $subnode, $destination . '/' . $subnode);
+ if ($subnode == '.' || $subnode == '..') continue;
+ $this->copy($source . '/' . $subnode, $destination . '/' . $subnode);
+ }
}
}
diff --git a/lib/files/cache/scanner.php b/lib/files/cache/scanner.php
index 87fa7c1365a..9d180820e9d 100644
--- a/lib/files/cache/scanner.php
+++ b/lib/files/cache/scanner.php
@@ -159,20 +159,22 @@ class Scanner extends BasicEmitter {
$newChildren = array();
if ($this->storage->is_dir($path) && ($dh = $this->storage->opendir($path))) {
\OC_DB::beginTransaction();
- while (($file = readdir($dh)) !== false) {
- $child = ($path) ? $path . '/' . $file : $file;
- if (!Filesystem::isIgnoredDir($file)) {
- $newChildren[] = $file;
- $data = $this->scanFile($child, $reuse, true);
- if ($data) {
- if ($data['size'] === -1) {
- if ($recursive === self::SCAN_RECURSIVE) {
- $childQueue[] = $child;
- } else {
- $size = -1;
+ if(is_resource($dh)) {
+ while (($file = readdir($dh)) !== false) {
+ $child = ($path) ? $path . '/' . $file : $file;
+ if (!Filesystem::isIgnoredDir($file)) {
+ $newChildren[] = $file;
+ $data = $this->scanFile($child, $reuse, true);
+ if ($data) {
+ if ($data['size'] === -1) {
+ if ($recursive === self::SCAN_RECURSIVE) {
+ $childQueue[] = $child;
+ } else {
+ $size = -1;
+ }
+ } else if ($size !== -1) {
+ $size += $data['size'];
}
- } else if ($size !== -1) {
- $size += $data['size'];
}
}
}
diff --git a/lib/files/storage/common.php b/lib/files/storage/common.php
index 01560f34fde..a5b79f0e967 100644
--- a/lib/files/storage/common.php
+++ b/lib/files/storage/common.php
@@ -142,13 +142,15 @@ abstract class Common implements \OC\Files\Storage\Storage {
return false;
} else {
$directoryHandle = $this->opendir($directory);
- while (($contents = readdir($directoryHandle)) !== false) {
- if (!\OC\Files\Filesystem::isIgnoredDir($contents)) {
- $path = $directory . '/' . $contents;
- if ($this->is_dir($path)) {
- $this->deleteAll($path);
- } else {
- $this->unlink($path);
+ if(is_resource($directoryHandle)) {
+ while (($contents = readdir($directoryHandle)) !== false) {
+ if (!\OC\Files\Filesystem::isIgnoredDir($contents)) {
+ $path = $directory . '/' . $contents;
+ if ($this->is_dir($path)) {
+ $this->deleteAll($path);
+ } else {
+ $this->unlink($path);
+ }
}
}
}
@@ -224,7 +226,8 @@ abstract class Common implements \OC\Files\Storage\Storage {
}
private function addLocalFolder($path, $target) {
- if ($dh = $this->opendir($path)) {
+ $dh = $this->opendir($path);
+ if(is_resource($dh)) {
while (($file = readdir($dh)) !== false) {
if ($file !== '.' and $file !== '..') {
if ($this->is_dir($path . '/' . $file)) {
@@ -242,7 +245,7 @@ abstract class Common implements \OC\Files\Storage\Storage {
protected function searchInDir($query, $dir = '') {
$files = array();
$dh = $this->opendir($dir);
- if ($dh) {
+ if (is_resource($dh)) {
while (($item = readdir($dh)) !== false) {
if ($item == '.' || $item == '..') continue;
if (strstr(strtolower($item), strtolower($query)) !== false) {
diff --git a/lib/files/view.php b/lib/files/view.php
index 8aee12bf6fe..14de92c2005 100644
--- a/lib/files/view.php
+++ b/lib/files/view.php
@@ -500,9 +500,11 @@ class View {
} else {
if ($this->is_dir($path1) && ($dh = $this->opendir($path1))) {
$result = $this->mkdir($path2);
- while (($file = readdir($dh)) !== false) {
- if (!Filesystem::isIgnoredDir($file)) {
- $result = $this->copy($path1 . '/' . $file, $path2 . '/' . $file);
+ if(is_resource($dh)) {
+ while (($file = readdir($dh)) !== false) {
+ if (!Filesystem::isIgnoredDir($file)) {
+ $result = $this->copy($path1 . '/' . $file, $path2 . '/' . $file);
+ }
}
}
} else {
diff --git a/lib/installer.php b/lib/installer.php
index b9684eaeea0..607e6da7265 100644
--- a/lib/installer.php
+++ b/lib/installer.php
@@ -107,10 +107,12 @@ class OC_Installer{
if(!is_file($extractDir.'/appinfo/info.xml')) {
//try to find it in a subdir
$dh=opendir($extractDir);
- while (($folder = readdir($dh)) !== false) {
- if($folder[0]!='.' and is_dir($extractDir.'/'.$folder)) {
- if(is_file($extractDir.'/'.$folder.'/appinfo/info.xml')) {
- $extractDir.='/'.$folder;
+ if(is_resource($dh)) {
+ while (($folder = readdir($dh)) !== false) {
+ if($folder[0]!='.' and is_dir($extractDir.'/'.$folder)) {
+ if(is_file($extractDir.'/'.$folder.'/appinfo/info.xml')) {
+ $extractDir.='/'.$folder;
+ }
}
}
}
--
GitLab