diff options
author | Marijn Kruisselbrink <mek@chromium.org> | 2020-12-08 19:07:00 +0000 |
---|---|---|
committer | Michael Brüning <michael.bruning@qt.io> | 2021-03-29 09:43:14 +0000 |
commit | 69084e439c5e193403abd7c43bb1a5fee4a96605 (patch) | |
tree | d3c092e31ef386271e6a59a462235b3d88b9f32c | |
parent | ed936c8da203893cb0cf518d4e112021675adb93 (diff) |
[Backport] Security bug 1155710
Cherry-pick of patch originally reviewed on:
https://chromium-review.googlesource.com/c/chromium/src/+/2575392:
Make sure to check read permission when iterating a directory.
Also adds unit tests for that case and a couple of other cases.
Bug: 1155710
Change-Id: Ibb6818e9608c9334641212a3f8514d963117333d
Commit-Queue: Marijn Kruisselbrink <mek@chromium.org>
Reviewed-by: Victor Costan <pwnall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#834787}
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
-rw-r--r-- | chromium/content/browser/file_system_access/native_file_system_directory_handle_impl.cc | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/chromium/content/browser/file_system_access/native_file_system_directory_handle_impl.cc b/chromium/content/browser/file_system_access/native_file_system_directory_handle_impl.cc index 8b97a1e0156..2992957115d 100644 --- a/chromium/content/browser/file_system_access/native_file_system_directory_handle_impl.cc +++ b/chromium/content/browser/file_system_access/native_file_system_directory_handle_impl.cc @@ -158,6 +158,14 @@ void NativeFileSystemDirectoryHandleImpl::GetEntries( base::OnTaskRunnerDeleter(base::SequencedTaskRunnerHandle::Get())); listener->reset_on_disconnect(); + if (GetReadPermissionStatus() != PermissionStatus::GRANTED) { + (*listener)->DidReadDirectory( + native_file_system_error::FromStatus( + NativeFileSystemStatus::kPermissionDenied), + {}, false); + return; + } + DoFileSystemOperation( FROM_HERE, &FileSystemOperationRunner::ReadDirectory, base::BindRepeating( |