
Improve share_folder checks in rmdir #36170

Merged
1 commit merged on Sep 10, 2019

Conversation

phil-davis
Contributor

@phil-davis phil-davis commented Sep 6, 2019

Description

The folder being deleted is only part of the path to share_folder if its path matches at the start of share_folder and has the complete matching folder name (i.e. when share_folder is /abc/def, it is OK to rmdir /abc/de).

Make it so with trim, added slashes, and strpos.

The code here also fixes what is in PR #36168

Related Issue

How Has This Been Tested?

Local unit test runs, and trying combinations of folder deletes in the webUI.

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Database schema changes (next release will require increase of minor version instead of patch)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Technical debt
  • Tests only (no source changes)

Checklist:

  • Code changes
  • Unit tests added
  • Acceptance tests added
  • Documentation ticket raised:

@codecov

codecov bot commented Sep 6, 2019

Codecov Report

Merging #36170 into master will not change coverage.
The diff coverage is n/a.


@@           Coverage Diff           @@
##           master   #36170   +/-   ##
=======================================
  Coverage   54.01%   54.01%           
=======================================
  Files          63       63           
  Lines        7404     7404           
  Branches     1309     1309           
=======================================
  Hits         3999     3999           
  Misses       3019     3019           
  Partials      386      386
Flag          Coverage   Δ
#javascript   54.01%     <ø> (ø)

Powered by Codecov. Last update 73491f9...b644d3d. Read the comment docs.

Improve share_folder checks in rmdir
@phil-davis phil-davis force-pushed the share_folder-improve-checks-in-rmdir branch from 762e04e to b644d3d on September 6, 2019 10:52
@phil-davis
Contributor Author

@jvillafanez ready for review again

Contributor

@sharidas sharidas left a comment


LGTM

```php
if ($path !== '') {
    $shareFolder = \trim($this->config->getSystemValue('share_folder', '/'), '/');
    $trimmedPath = \trim($path, '/');
    if ((\strpos("$shareFolder/", "$trimmedPath/") === 0)) {
```
Member


It seems the condition we want is `$shareFolder === $trimmedPath`; anything I'm missing?

Contributor Author


If share_folder is /Company/Stuff/ReceivedShares and path is /Company or /Company/Stuff, then those parent folders of ReceivedShares are also not allowed to be deleted.

See the unit test data provider test cases.
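The cases in this reply, as an added PHP example that is not ownCloud's code: the trailing-slash `strpos` test from the PR isolated as a pure function, next to a plain string-prefix check constructed only for contrast (it is not the code the PR replaced). The share_folder value and paths are the ones named above.

```php
<?php
// Added example, not part of the PR: the component-aware prefix test in isolation.
declare(strict_types=1);

/**
 * True when $path is share_folder itself or one of its ancestors, i.e. when
 * removing $path would take share_folder with it. Comparison is on whole
 * path components, so share_folder "/abc/def" does not block rmdir of "/abc/de".
 */
function protectsShareFolder(string $path, string $shareFolder): bool
{
    if ($path === '') {
        return false; // same guard as the PR: nothing to compare
    }
    $share = \trim($shareFolder, '/');
    $trimmed = \trim($path, '/');
    // Appending "/" to both sides turns a raw string-prefix test into a
    // component-prefix test: "Company/" is a prefix of "Company/Stuff/ReceivedShares/",
    // while "Company/Stu/" is not.
    return \strpos("$share/", "$trimmed/") === 0;
}

// Constructed contrast only: a raw prefix check with no slash appended.
function naivePrefix(string $path, string $shareFolder): bool
{
    $share = \trim($shareFolder, '/');
    $trimmed = \trim($path, '/');
    return \strpos($share, $trimmed) === 0;
}

$shareFolder = '/Company/Stuff/ReceivedShares';
$cases = [
    // path                             component-aware  naive
    ['/Company',                         true,  true],
    ['/Company/Stuff',                   true,  true],
    ['/Company/Stuff/ReceivedShares/',   true,  true],
    ['/Company/Stu',                     false, true],  // naive check over-blocks
    ['/Company/Stuff/ReceivedShares/sub', false, false], // child of share_folder, deletable
    ['/Other',                           false, false],
];
foreach ($cases as [$path, $expected, $expectedNaive]) {
    if (protectsShareFolder($path, $shareFolder) !== $expected) {
        throw new RuntimeException("unexpected result for $path");
    }
    if (naivePrefix($path, $shareFolder) !== $expectedNaive) {
        throw new RuntimeException("unexpected naive result for $path");
    }
}
echo "all cases behave as expected\n";
```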

@micbar
Contributor

micbar commented Oct 1, 2019

Steps to reproduce

  • Set Server setting for Default shared folder in config.php to /Shared
  • User 1 shares files and folders with User 2
  • User 2 should see the incoming shares under the /Shared Folder
  • User 2 tries to delete the /Shared Folder

@HanaGemela
Contributor

Works as expected with the desktop sync client 2.6.0 RC1, macOS 10.14.6. User cannot delete the folder. But the client doesn't restore the deleted folder https://github.com/owncloud/client/issues/7496

@OS-WS

OS-WS commented Feb 21, 2021

Hi, is this the fix for CVE-2020-36251?

thanks in advance!

@micbar
Contributor

micbar commented Feb 22, 2021

@C0rby @IljaN Can you provide an answer?

6 participants