use FileHelper.openOutputStreamSafe to resolve output streams

Valodim · Valodim · commit 4dd3391c9f45 · 2024-01-29T16:42:28.000+01:00
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/BackupOperation.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/BackupOperation.java
@@ -32,9 +32,9 @@
 
 import android.content.Context;
 import android.net.Uri;
+
 import androidx.annotation.NonNull;
 import androidx.annotation.Nullable;
-
 import org.bouncycastle.bcpg.ArmoredOutputStream;
 import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.R;
@@ -113,12 +113,12 @@ public ExportResult execute(@NonNull BackupKeyringParcel backupInput, @Nullable
                 }
 
                 plainUri = TemporaryFileProvider.createFile(mContext);
-                plainOut = mContext.getContentResolver().openOutputStream(plainUri);
+                plainOut = FileHelper.openOutputStreamSafe(mContext.getContentResolver(), plainUri);
             } else {
                 if (backupInput.getOutputUri() == null || outputStream != null) {
                     throw new IllegalArgumentException("Unencrypted export to output stream is not supported!");
                 } else {
-                    plainOut = mContext.getContentResolver().openOutputStream(backupInput.getOutputUri());
+                    plainOut = FileHelper.openOutputStreamSafe(mContext.getContentResolver(), backupInput.getOutputUri());
                 }
             }
 
@@ -201,7 +201,7 @@ private PgpSignEncryptResult encryptBackupData(@NonNull BackupKeyringParcel back
             if (outputStream != null) {
                 throw new IllegalArgumentException("If output uri is set, outputStream must null!");
             }
-            outStream = mContext.getContentResolver().openOutputStream(backupInput.getOutputUri());
+            outStream = FileHelper.openOutputStreamSafe(mContext.getContentResolver(), backupInput.getOutputUri());
         }
 
         return signEncryptOperation.execute(
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerifyOperation.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerifyOperation.java
@@ -33,10 +33,10 @@
 import java.util.Map.Entry;
 
 import android.content.Context;
-import androidx.annotation.NonNull;
 import android.text.TextUtils;
 import android.webkit.MimeTypeMap;
 
+import androidx.annotation.NonNull;
 import org.bouncycastle.bcpg.ArmoredInputStream;
 import org.bouncycastle.openpgp.PGPCompressedData;
 import org.bouncycastle.openpgp.PGPDataValidationException;
@@ -61,6 +61,8 @@
 import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.Constants.key;
 import org.sufficientlysecure.keychain.R;
+import org.sufficientlysecure.keychain.daos.KeyRepository;
+import org.sufficientlysecure.keychain.daos.KeyWritableRepository;
 import org.sufficientlysecure.keychain.operations.BaseOperation;
 import org.sufficientlysecure.keychain.operations.results.DecryptVerifyResult;
 import org.sufficientlysecure.keychain.operations.results.OperationResult.LogType;
@@ -71,8 +73,6 @@
 import org.sufficientlysecure.keychain.pgp.SecurityProblem.KeySecurityProblem;
 import org.sufficientlysecure.keychain.pgp.SecurityProblem.MissingMdc;
 import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
-import org.sufficientlysecure.keychain.daos.KeyRepository;
-import org.sufficientlysecure.keychain.daos.KeyWritableRepository;
 import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
 import org.sufficientlysecure.keychain.service.input.RequiredInputParcel;
 import org.sufficientlysecure.keychain.service.input.RequiredInputParcel.RequireAnyDecryptPassphraseBuilder;
@@ -129,7 +129,7 @@ public DecryptVerifyResult execute(PgpDecryptVerifyInputParcel input, CryptoInpu
             outputStream = new ByteArrayOutputStream();
         } else {
             try {
-                outputStream = mContext.getContentResolver().openOutputStream(input.getOutputUri());
+                outputStream = FileHelper.openOutputStreamSafe(mContext.getContentResolver(), input.getOutputUri());
             } catch (FileNotFoundException e) {
                 Timber.e(e, "Output URI could not be opened: " + input.getOutputUri());
                 OperationLog log = new OperationLog();
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptOperation.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptOperation.java
@@ -37,8 +37,8 @@
 
 import android.content.Context;
 import android.net.Uri;
-import androidx.annotation.NonNull;
 
+import androidx.annotation.NonNull;
 import org.bouncycastle.bcpg.ArmoredOutputStream;
 import org.bouncycastle.bcpg.BCPGOutputStream;
 import org.bouncycastle.bcpg.CompressionAlgorithmTags;
@@ -143,7 +143,7 @@ public PgpSignEncryptResult execute(PgpSignEncryptInputParcel input, CryptoInput
             if (input.getOutputUri() != null) {
                 try {
                     Uri outputUri = input.getOutputUri();
-                    outStream = mContext.getContentResolver().openOutputStream(outputUri);
+                    outStream = FileHelper.openOutputStreamSafe(mContext.getContentResolver(), outputUri);
                 } catch (FileNotFoundException e) {
                     log.add(LogType.MSG_PSE_ERROR_OUTPUT_URI_NOT_FOUND, 1);
                     return new PgpSignEncryptResult(SignEncryptResult.RESULT_ERROR, log);
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/DecryptActivity.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/DecryptActivity.java
@@ -24,21 +24,20 @@
 
 import android.app.Activity;
 import android.content.ClipData;
-import android.content.ClipboardManager;
-import android.content.Context;
 import android.content.Intent;
 import android.net.Uri;
 import android.os.Bundle;
+import android.widget.Toast;
+
 import androidx.annotation.Nullable;
 import androidx.fragment.app.FragmentManager;
 import androidx.fragment.app.FragmentTransaction;
-import android.widget.Toast;
-
 import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.R;
 import org.sufficientlysecure.keychain.pgp.PgpHelper;
 import org.sufficientlysecure.keychain.provider.TemporaryFileProvider;
 import org.sufficientlysecure.keychain.ui.base.BaseActivity;
+import org.sufficientlysecure.keychain.util.FileHelper;
 
 
 public class DecryptActivity extends BaseActivity {
@@ -200,7 +199,7 @@ private void handleActions(Bundle savedInstanceState, Intent intent) {
     @Nullable
     public Uri readToTempFile(String text) throws IOException {
         Uri tempFile = TemporaryFileProvider.createFile(this);
-        OutputStream outStream = getContentResolver().openOutputStream(tempFile);
+        OutputStream outStream = FileHelper.openOutputStreamSafe(getContentResolver(), tempFile);
         if (outStream == null) {
             return null;
         }
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/DecryptListFragment.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/DecryptListFragment.java
@@ -44,11 +44,6 @@
 import android.os.Build.VERSION_CODES;
 import android.os.Bundle;
 import android.os.Parcelable;
-import androidx.annotation.NonNull;
-import androidx.core.content.ContextCompat;
-import androidx.recyclerview.widget.DefaultItemAnimator;
-import androidx.recyclerview.widget.LinearLayoutManager;
-import androidx.recyclerview.widget.RecyclerView;
 import android.text.TextUtils;
 import android.view.LayoutInflater;
 import android.view.MenuItem;
@@ -65,8 +60,12 @@
 import android.widget.Toast;
 import android.widget.ViewAnimator;
 
+import androidx.annotation.NonNull;
+import androidx.core.content.ContextCompat;
+import androidx.recyclerview.widget.DefaultItemAnimator;
+import androidx.recyclerview.widget.LinearLayoutManager;
+import androidx.recyclerview.widget.RecyclerView;
 import com.cocosw.bottomsheet.BottomSheet;
-
 import org.openintents.openpgp.OpenPgpMetadata;
 import org.openintents.openpgp.OpenPgpSignatureResult;
 import org.sufficientlysecure.keychain.BuildConfig;
@@ -79,16 +78,15 @@
 import org.sufficientlysecure.keychain.pgp.PgpDecryptVerifyInputParcel;
 import org.sufficientlysecure.keychain.service.ImportKeyringParcel;
 import org.sufficientlysecure.keychain.service.InputDataParcel;
+import org.sufficientlysecure.keychain.ui.DecryptListFragment.DecryptFilesAdapter.ViewModel;
+import org.sufficientlysecure.keychain.ui.DecryptListFragment.ViewHolder.SubViewHolder;
+import org.sufficientlysecure.keychain.ui.adapter.SpacesItemDecoration;
 import org.sufficientlysecure.keychain.ui.base.CryptoOperationHelper;
 import org.sufficientlysecure.keychain.ui.base.QueueingCryptoOperationFragment;
-// this import NEEDS to be above the ViewModel AND SubViewHolder one, or it won't compile! (as of 16.09.15)
 import org.sufficientlysecure.keychain.ui.keyview.ViewKeyActivity;
-import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils.StatusHolder;
-import org.sufficientlysecure.keychain.ui.DecryptListFragment.ViewHolder.SubViewHolder;
-import org.sufficientlysecure.keychain.ui.DecryptListFragment.DecryptFilesAdapter.ViewModel;
-import org.sufficientlysecure.keychain.ui.adapter.SpacesItemDecoration;
 import org.sufficientlysecure.keychain.ui.util.FormattingUtils;
 import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
+import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils.StatusHolder;
 import org.sufficientlysecure.keychain.ui.util.Notify;
 import org.sufficientlysecure.keychain.ui.util.Notify.Style;
 import org.sufficientlysecure.keychain.util.FileHelper;
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/LogDisplayFragment.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/LogDisplayFragment.java
@@ -25,11 +25,11 @@
 import android.content.Intent;
 import android.net.Uri;
 import android.os.Bundle;
-import androidx.recyclerview.widget.LinearLayoutManager;
 import android.view.Menu;
 import android.view.MenuInflater;
 import android.view.MenuItem;
 
+import androidx.recyclerview.widget.LinearLayoutManager;
 import org.sufficientlysecure.keychain.R;
 import org.sufficientlysecure.keychain.operations.results.OperationResult;
 import org.sufficientlysecure.keychain.operations.results.OperationResult.SubLogEntryParcel;
@@ -39,6 +39,7 @@
 import org.sufficientlysecure.keychain.ui.dialog.ShareLogDialogFragment;
 import org.sufficientlysecure.keychain.ui.util.Notify;
 import org.sufficientlysecure.keychain.ui.util.Notify.Style;
+import org.sufficientlysecure.keychain.util.FileHelper;
 
 
 public class LogDisplayFragment extends RecyclerFragment<NestedLogAdapter>
@@ -120,15 +121,15 @@ private void shareLog() {
         if (mLogTempFile == null) {
             mLogTempFile = TemporaryFileProvider.createFile(getActivity(), "openkeychain_log.txt", "text/plain");
             try {
-                OutputStream outputStream = activity.getContentResolver().openOutputStream(mLogTempFile);
+                OutputStream outputStream = FileHelper.openOutputStreamSafe(activity.getContentResolver(), mLogTempFile);
                 outputStream.write(log.getBytes());
+                outputStream.close();
             } catch (IOException | NullPointerException e) {
                 Notify.create(activity, R.string.error_log_share_internal, Style.ERROR).show();
                 return;
             }
         }
 
-
         ShareLogDialogFragment shareLogDialog = ShareLogDialogFragment.newInstance(mLogTempFile);
         shareLogDialog.show(getActivity().getSupportFragmentManager(), "shareLogDialog");
     }
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/FileHelper.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/FileHelper.java
@@ -299,7 +299,7 @@ public static void copyUriData(Context context, Uri fromUri, Uri toUri) throws I
         try {
             ContentResolver resolver = context.getContentResolver();
             bis = new BufferedInputStream(FileHelper.openInputStreamSafe(resolver, fromUri));
-            bos = new BufferedOutputStream(resolver.openOutputStream(toUri));
+            bos = new BufferedOutputStream(FileHelper.openOutputStreamSafe(resolver, toUri));
             byte[] buf = new byte[1024];
             int len;
             while ( (len = bis.read(buf)) > 0) {
@@ -388,4 +388,14 @@ public static InputStream openInputStreamSafe(ContentResolver resolver, Uri uri)
         }
     }
 
+    public static OutputStream openOutputStreamSafe(ContentResolver resolver, Uri uri)
+            throws FileNotFoundException {
+
+        // Not supported on Android < 5
+        if (Build.VERSION.SDK_INT >= VERSION_CODES.LOLLIPOP) {
+            return FileHelperLollipop.openOutputStreamSafe(resolver, uri);
+        } else {
+            return resolver.openOutputStream(uri);
+        }
+    }
 }
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/FileHelperLollipop.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/FileHelperLollipop.java
@@ -22,6 +22,7 @@
 import java.io.FileNotFoundException;
 import java.io.IOException;
 import java.io.InputStream;
+import java.io.OutputStream;
 
 import android.content.ContentResolver;
 import android.content.res.AssetFileDescriptor;
@@ -88,4 +89,35 @@ static InputStream openInputStreamSafe(ContentResolver resolver, Uri uri)
         }
 
     }
+
+    static OutputStream openOutputStreamSafe(ContentResolver resolver, Uri uri)
+            throws FileNotFoundException {
+
+        String scheme = uri.getScheme();
+        if (ContentResolver.SCHEME_FILE.equals(scheme)) {
+            ParcelFileDescriptor pfd = ParcelFileDescriptor.open(
+                    new File(uri.getPath()), ParcelFileDescriptor.parseMode("w"));
+
+            try {
+                final StructStat st = Os.fstat(pfd.getFileDescriptor());
+                if (st.st_uid == android.os.Process.myUid()) {
+                    Timber.e("File is owned by the application itself, aborting!");
+                    throw new FileNotFoundException("Unable to create stream");
+                }
+            } catch (ErrnoException e) {
+                Timber.e(e, "fstat() failed");
+                throw new FileNotFoundException("fstat() failed");
+            }
+
+            AssetFileDescriptor fd = new AssetFileDescriptor(pfd, 0, -1);
+            try {
+                return fd.createOutputStream();
+            } catch (IOException e) {
+                throw new FileNotFoundException("Unable to create stream");
+            }
+        } else {
+            return resolver.openOutputStream(uri);
+        }
+
+    }
 }

Original file line number	Diff line number	Diff line change
`@@ -32,9 +32,9 @@`
`32`	`32`
`33`	`33`	`import android.content.Context;`
`34`	`34`	`import android.net.Uri;`
	`35`	`+`
`35`	`36`	`import androidx.annotation.NonNull;`
`36`	`37`	`import androidx.annotation.Nullable;`
`37`		`-`
`38`	`38`	`import org.bouncycastle.bcpg.ArmoredOutputStream;`
`39`	`39`	`import org.sufficientlysecure.keychain.Constants;`
`40`	`40`	`import org.sufficientlysecure.keychain.R;`
`@@ -113,12 +113,12 @@ public ExportResult execute(@NonNull BackupKeyringParcel backupInput, @Nullable`
`113`	`113`	`}`
`114`	`114`
`115`	`115`	`plainUri = TemporaryFileProvider.createFile(mContext);`
`116`		`- plainOut = mContext.getContentResolver().openOutputStream(plainUri);`
	`116`	`+ plainOut = FileHelper.openOutputStreamSafe(mContext.getContentResolver(), plainUri);`
`117`	`117`	`} else {`
`118`	`118`	`if (backupInput.getOutputUri() == null \|\| outputStream != null) {`
`119`	`119`	`throw new IllegalArgumentException("Unencrypted export to output stream is not supported!");`
`120`	`120`	`} else {`
`121`		`- plainOut = mContext.getContentResolver().openOutputStream(backupInput.getOutputUri());`
	`121`	`+ plainOut = FileHelper.openOutputStreamSafe(mContext.getContentResolver(), backupInput.getOutputUri());`
`122`	`122`	`}`
`123`	`123`	`}`
`124`	`124`
`@@ -201,7 +201,7 @@ private PgpSignEncryptResult encryptBackupData(@NonNull BackupKeyringParcel back`
`201`	`201`	`if (outputStream != null) {`
`202`	`202`	`throw new IllegalArgumentException("If output uri is set, outputStream must null!");`
`203`	`203`	`}`
`204`		`- outStream = mContext.getContentResolver().openOutputStream(backupInput.getOutputUri());`
	`204`	`+ outStream = FileHelper.openOutputStreamSafe(mContext.getContentResolver(), backupInput.getOutputUri());`
`205`	`205`	`}`
`206`	`206`
`207`	`207`	`return signEncryptOperation.execute(`