/* * security.c: Implementation of the XSLT security framework * * See Copyright for the status of this software. * * [email protected] */ #define IN_LIBXSLT #include "libxslt.h" #include <string.h> #ifdef HAVE_SYS_TYPES_H #include <sys/types.h> #endif #ifdef HAVE_SYS_STAT_H #include <sys/stat.h> #endif #if defined(_WIN32) #include <windows.h> #ifndef INVALID_FILE_ATTRIBUTES #define INVALID_FILE_ATTRIBUTES … #endif #endif #ifndef HAVE_STAT # ifdef HAVE__STAT /* MS C library seems to define stat and _stat. The definition * is identical. Still, mapping them to each other causes a warning. */ # ifndef _MSC_VER #define stat … # endif #define HAVE_STAT # endif #endif #include <libxml/xmlmemory.h> #include <libxml/parser.h> #include <libxml/uri.h> #include "xslt.h" #include "xsltInternals.h" #include "xsltutils.h" #include "extensions.h" #include "security.h" struct _xsltSecurityPrefs { … }; static xsltSecurityPrefsPtr xsltDefaultSecurityPrefs = …; /************************************************************************ * * * Module interfaces * * * ************************************************************************/ /** * xsltNewSecurityPrefs: * * Create a new security preference block * * Returns a pointer to the new block or NULL in case of error */ xsltSecurityPrefsPtr xsltNewSecurityPrefs(void) { … } /** * xsltFreeSecurityPrefs: * @sec: the security block to free * * Free up a security preference block */ void xsltFreeSecurityPrefs(xsltSecurityPrefsPtr sec) { … } /** * xsltSetSecurityPrefs: * @sec: the security block to update * @option: the option to update * @func: the user callback to use for this option * * Update the security option to use the new callback checking function * * Returns -1 in case of error, 0 otherwise */ int xsltSetSecurityPrefs(xsltSecurityPrefsPtr sec, xsltSecurityOption option, xsltSecurityCheck func) { … } /** * xsltGetSecurityPrefs: * @sec: the security block to update * @option: the option to lookup * * Lookup the security option to get the callback checking function * * Returns NULL if not found, the function otherwise */ xsltSecurityCheck xsltGetSecurityPrefs(xsltSecurityPrefsPtr sec, xsltSecurityOption option) { … } /** * xsltSetDefaultSecurityPrefs: * @sec: the security block to use * * Set the default security preference application-wide */ void xsltSetDefaultSecurityPrefs(xsltSecurityPrefsPtr sec) { … } /** * xsltGetDefaultSecurityPrefs: * * Get the default security preference application-wide * * Returns the current xsltSecurityPrefsPtr in use or NULL if none */ xsltSecurityPrefsPtr xsltGetDefaultSecurityPrefs(void) { … } /** * xsltSetCtxtSecurityPrefs: * @sec: the security block to use * @ctxt: an XSLT transformation context * * Set the security preference for a specific transformation * * Returns -1 in case of error, 0 otherwise */ int xsltSetCtxtSecurityPrefs(xsltSecurityPrefsPtr sec, xsltTransformContextPtr ctxt) { … } /** * xsltSecurityAllow: * @sec: the security block to use * @ctxt: an XSLT transformation context * @value: unused * * Function used to always allow an operation * * Returns 1 always */ int xsltSecurityAllow(xsltSecurityPrefsPtr sec ATTRIBUTE_UNUSED, xsltTransformContextPtr ctxt ATTRIBUTE_UNUSED, const char *value ATTRIBUTE_UNUSED) { … } /** * xsltSecurityForbid: * @sec: the security block to use * @ctxt: an XSLT transformation context * @value: unused * * Function used to always forbid an operation * * Returns 0 always */ int xsltSecurityForbid(xsltSecurityPrefsPtr sec ATTRIBUTE_UNUSED, xsltTransformContextPtr ctxt ATTRIBUTE_UNUSED, const char *value ATTRIBUTE_UNUSED) { … } /************************************************************************ * * * Internal interfaces * * * ************************************************************************/ /** * xsltCheckFilename * @path: the path to check * * function checks to see if @path is a valid source * (file, socket...) for XML. * * TODO: remove at some point !!! * Local copy of xmlCheckFilename to avoid a hard dependency on * a new version of libxml2 * * if stat is not available on the target machine, * returns 1. if stat fails, returns 0 (if calling * stat on the filename fails, it can't be right). * if stat succeeds and the file is a directory, * returns 2. otherwise returns 1. */ static int xsltCheckFilename (const char *path) { … } static int xsltCheckWritePath(xsltSecurityPrefsPtr sec, xsltTransformContextPtr ctxt, const char *path) { … } /** * xsltCheckWrite: * @sec: the security options * @ctxt: an XSLT transformation context * @URL: the resource to be written * * Check if the resource is allowed to be written, if necessary makes * some preliminary work like creating directories * * Return 1 if write is allowed, 0 if not and -1 in case or error. */ int xsltCheckWrite(xsltSecurityPrefsPtr sec, xsltTransformContextPtr ctxt, const xmlChar *URL) { … } /** * xsltCheckRead: * @sec: the security options * @ctxt: an XSLT transformation context * @URL: the resource to be read * * Check if the resource is allowed to be read * * Return 1 if read is allowed, 0 if not and -1 in case or error. */ int xsltCheckRead(xsltSecurityPrefsPtr sec, xsltTransformContextPtr ctxt, const xmlChar *URL) { … }
Codebase Browser
chromium