path: root/src/mscorlib/src/System/IO/FileSecurityState.cs
// Licensed to the .NET Foundation under one or more agreements.
// The .NET Foundation licenses this file to you under the MIT license.
// See the LICENSE file in the project root for more information.

/*============================================================
**
** Class:  FileSecurityState
** 
** 
**
**
** Purpose: Determines whether file system access is safe
**
**
===========================================================*/

using System;
using System.Diagnostics.Contracts;
using System.IO;
using System.Security;
using System.Security.Permissions;

namespace System.IO
{
    // Security state describing one requested file-system access: the access
    // flags, the path exactly as the caller supplied it, and the canonicalized
    // path that is exposed through the Path property.
    // NOTE(review): IsStateAvailable() is not defined in this file; presumably it
    // is inherited from SecurityState and is where the actual allow/deny decision
    // is made - confirm against the base class.
    [SecurityCritical]
    [System.Runtime.CompilerServices.FriendAccessAllowed]
    internal class FileSecurityState : SecurityState
    {
#if !PLATFORM_UNIX
        // NOTE(review): nothing else in this file reads this array; the wildcard
        // check appears to be delegated to CheckInvalidPathChars(checkAdditional: true).
        private static readonly char[] m_illegalCharacters = { '?', '*' };
#endif // !PLATFORM_UNIX

        private FileSecurityStateAccess m_access;     // requested access flags, validated by VerifyAccess
        private String m_userPath;                    // path as passed in; only used for the error message
        private String m_canonicalizedPath;           // value returned by Path

        // Parameterless constructor kept so the type satisfies the security
        // rule consistency requirement; it leaves every field at its default.
        [SecurityCritical]
        private FileSecurityState()
        {
        }

        // Builds the state from a caller-supplied path and canonicalizes it here.
        //   access - must contain only bits of FileSecurityStateAccess.AllAccess,
        //            otherwise ArgumentOutOfRangeException is thrown.
        //   path   - must not be null (ArgumentNullException). An empty string is
        //            stored as-is and skips both validation and canonicalization.
        internal FileSecurityState(FileSecurityStateAccess access, String path)
        {
            if (path == null)
            {
                throw new ArgumentNullException("path");
            }

            VerifyAccess(access);
            m_access = access;
            m_userPath = path;

            if (path.Length != 0)
            {
                // Validate first, then canonicalize the original (untrimmed) string.
                VerifyPath(path);
                m_canonicalizedPath = System.IO.Path.GetFullPathInternal(path);
            }
            else
            {
                m_canonicalizedPath = String.Empty;
            }
        }

        // Variant for trusted internal callers that already hold the canonical
        // form, which saves a second canonicalization.
        // NOTE(review): nothing here checks that canonicalizedPath really is the
        // canonical form of path, and a null path or canonicalizedPath is accepted
        // because VerifyPath ignores null. Path returns canonicalizedPath
        // verbatim, so every caller of this overload has to be audited as
        // part of the trust boundary.
        internal FileSecurityState(FileSecurityStateAccess access, String path, String canonicalizedPath)
        {
            VerifyAccess(access);
            VerifyPath(path);
            VerifyPath(canonicalizedPath);

            m_access = access;
            m_userPath = path;
            m_canonicalizedPath = canonicalizedPath;
        }

        // The access flags this state was created with.
        internal FileSecurityStateAccess Access
        {
            get
            {
                return m_access;
            }
        }

        // The canonicalized path (not the string the caller originally passed).
        public String Path
        {
            [System.Runtime.CompilerServices.FriendAccessAllowed]
            get
            {
                return m_canonicalizedPath;
            }
        }

        // Throws SecurityException when the state is not available. An empty
        // canonical path (empty machine name and similar) is always let through
        // without consulting IsStateAvailable(). The exception message carries
        // the caller-supplied path rather than the canonical one.
        #if FEATURE_CORECLR
        [System.Security.SecurityCritical] // auto-generated
        #endif
        public override void EnsureState()
        {
            bool nothingToCheck = m_canonicalizedPath != null && m_canonicalizedPath.Length == 0;
            if (nothingToCheck)
            {
                return;
            }

            if (IsStateAvailable())
            {
                return;
            }

            throw new SecurityException(Environment.GetResourceString("FileSecurityState_OperationNotPermitted", m_userPath ?? String.Empty));
        }

        // Converts FileIOPermissionAccess flags to FileSecurityStateAccess by a
        // plain cast; the two enums are documented here as having identical flags.
        // NOTE(review): the range check is only a Contract.Requires, so whether it
        // is enforced at run time depends on the build's contract settings. The
        // constructors re-check the value through VerifyAccess.
        internal static FileSecurityStateAccess ToFileSecurityState(FileIOPermissionAccess access)
        {
            Contract.Requires((access & ~FileIOPermissionAccess.AllAccess) == 0);
            FileSecurityStateAccess converted = (FileSecurityStateAccess)access; // flags are identical; just cast
            return converted;
        }

        // Rejects any access value that has bits set outside AllAccess.
        private static void VerifyAccess(FileSecurityStateAccess access)
        {
            FileSecurityStateAccess unknownBits = access & ~FileSecurityStateAccess.AllAccess;
            if (unknownBits != 0)
            {
                throw new ArgumentOutOfRangeException("access", Environment.GetResourceString("Arg_EnumIllegalVal"));
            }
        }

        // Syntactic validation of a path; null is accepted and skipped.
        // The checks run on a trimmed copy, while the callers store and
        // canonicalize the untrimmed string, so whatever Trim() strips from the
        // ends is not examined here.
        // NOTE(review): confirm that the later canonicalization step handles
        // leading/trailing whitespace and control characters consistently.
        private static void VerifyPath(String path)
        {
            if (path == null)
            {
                return;
            }

            String trimmed = path.Trim();

#if !PLATFORM_UNIX
            // A volume separator in an unexpected position is refused unless the
            // path is a device path.
            if (!PathInternal.IsDevice(trimmed) && PathInternal.HasInvalidVolumeSeparator(trimmed))
            {
                throw new ArgumentException(Environment.GetResourceString("Argument_PathFormatNotSupported"));
            }
#endif

            System.IO.Path.CheckInvalidPathChars(trimmed, checkAdditional: true);
        }
    }
}