2010-05-21 03:13:36 +02:00
|
|
|
// Copyright (c) 2010, Amar Takhar <verm@aegisub.org>
|
|
|
|
|
//
|
|
|
|
|
// Permission to use, copy, modify, and distribute this software for any
|
|
|
|
|
// purpose with or without fee is hereby granted, provided that the above
|
|
|
|
|
// copyright notice and this permission notice appear in all copies.
|
|
|
|
|
//
|
|
|
|
|
// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
|
|
|
|
// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
|
|
|
|
// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
|
|
|
|
|
// ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
|
|
|
|
// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
|
|
|
|
// ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
|
|
|
|
// OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
|
|
|
|
//
|
|
|
|
|
// $Id$
|
|
|
|
|
|
|
|
|
|
/// @file access.cpp
|
|
|
|
|
/// @brief Windows access methods.
|
|
|
|
|
/// @ingroup libaegisub windows
|
|
|
|
|
|
|
|
|
|
#ifndef LAGI_PRE
|
2010-05-23 22:39:14 +02:00
|
|
|
#include <windows.h>
|
2010-05-21 03:13:36 +02:00
|
|
|
|
|
|
|
|
#include <iostream>
|
|
|
|
|
#include <fstream>
|
|
|
|
|
#endif
|
|
|
|
|
|
2010-06-03 22:32:25 +02:00
|
|
|
#include <libaegisub/charset_conv_win.h>
|
|
|
|
|
#include <libaegisub/util.h>
|
|
|
|
|
#include <libaegisub/util_win.h>
|
2010-05-21 03:13:36 +02:00
|
|
|
|
|
|
|
|
namespace agi {
|
|
|
|
|
namespace acs {
|
|
|
|
|
|
|
|
|
|
void CheckFileRead(const std::string &file) {
|
|
|
|
|
Check(file, acs::FileRead);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
void CheckFileWrite(const std::string &file) {
|
|
|
|
|
Check(file, acs::FileWrite);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
void CheckDirRead(const std::string &dir) {
|
|
|
|
|
Check(dir, acs::DirRead);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
void CheckDirWrite(const std::string &dir) {
|
|
|
|
|
Check(dir, acs::DirWrite);
|
|
|
|
|
}
|
|
|
|
|
|
2010-05-23 22:39:14 +02:00
|
|
|
/*
|
|
|
|
|
This function is still a proof of concept, it's probably rife with bugs, below
|
|
|
|
|
is a short (and incomplete) todo
|
|
|
|
|
* "Basic" checks (Read/Write/File/Dir) checks for FAT32 filesystems which
|
|
|
|
|
requires detecting the filesystem being used.
|
|
|
|
|
*/
|
2010-05-21 03:13:36 +02:00
|
|
|
void Check(const std::string &file, acs::Type type) {
|
2010-06-03 22:32:25 +02:00
|
|
|
std::wstring wfile = agi::charset::ConvertW(file);
|
2010-05-23 22:39:14 +02:00
|
|
|
|
|
|
|
|
SECURITY_DESCRIPTOR* sd;
|
|
|
|
|
DWORD len = 0;
|
|
|
|
|
SECURITY_INFORMATION info = OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION;
|
|
|
|
|
HANDLE client_token;
|
|
|
|
|
PRIVILEGE_SET priv_set;
|
|
|
|
|
DWORD priv_set_size = sizeof(PRIVILEGE_SET);
|
|
|
|
|
BOOL access_ok;
|
|
|
|
|
GENERIC_MAPPING generic_mapping;
|
|
|
|
|
DWORD access_check;
|
|
|
|
|
DWORD access;
|
|
|
|
|
DWORD file_attr;
|
|
|
|
|
|
|
|
|
|
file_attr = GetFileAttributes(wfile.c_str());
|
|
|
|
|
|
|
|
|
|
if ((file_attr & INVALID_FILE_ATTRIBUTES) == INVALID_FILE_ATTRIBUTES) {
|
|
|
|
|
|
|
|
|
|
switch (GetLastError()) {
|
|
|
|
|
case ERROR_FILE_NOT_FOUND:
|
|
|
|
|
case ERROR_PATH_NOT_FOUND:
|
2010-05-21 03:13:36 +02:00
|
|
|
throw AcsNotFound("File or path not found.");
|
|
|
|
|
break;
|
|
|
|
|
|
2010-05-23 22:39:14 +02:00
|
|
|
case ERROR_ACCESS_DENIED:
|
|
|
|
|
throw AcsAccess("Access denied to file or path component");
|
2010-05-21 03:13:36 +02:00
|
|
|
break;
|
|
|
|
|
|
2010-05-23 22:39:14 +02:00
|
|
|
default:
|
2010-05-21 03:13:36 +02:00
|
|
|
throw AcsFatal("Fatal I/O error occurred.");
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
switch (type) {
|
|
|
|
|
case FileRead:
|
2010-05-23 22:39:14 +02:00
|
|
|
case FileWrite: {
|
|
|
|
|
if ((file_attr & FILE_ATTRIBUTE_DIRECTORY) == FILE_ATTRIBUTE_DIRECTORY)
|
2010-05-21 03:13:36 +02:00
|
|
|
throw AcsNotAFile("Not a file.");
|
2010-05-23 22:39:14 +02:00
|
|
|
break;
|
|
|
|
|
}
|
2010-05-21 03:13:36 +02:00
|
|
|
case DirRead:
|
2010-05-23 22:39:14 +02:00
|
|
|
case DirWrite: {
|
|
|
|
|
if ((file_attr & FILE_ATTRIBUTE_DIRECTORY) != FILE_ATTRIBUTE_DIRECTORY)
|
2010-05-21 03:13:36 +02:00
|
|
|
throw AcsNotADirectory("Not a directory.");
|
2010-05-23 22:39:14 +02:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
GetFileSecurity(wfile.c_str(), info, NULL, 0, &len);
|
|
|
|
|
if (GetLastError() != ERROR_INSUFFICIENT_BUFFER) {
|
|
|
|
|
std::cout << "GetFileSecurity: fatal: " << util::ErrorString(GetLastError()) << std::endl;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sd = (SECURITY_DESCRIPTOR *)malloc(len);
|
|
|
|
|
if (sd == NULL) {
|
|
|
|
|
std::cout << "GetFileSecurity: insufficient memory" << std::endl;
|
|
|
|
|
} else {
|
|
|
|
|
if (!GetFileSecurity(wfile.c_str(), info, sd, len, &len)) {
|
|
|
|
|
std::cout << "GetFileSecurity failed: " << util::ErrorString(GetLastError()) << std::endl;
|
|
|
|
|
free(sd);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ImpersonateSelf(SecurityImpersonation);
|
|
|
|
|
if (!OpenThreadToken(GetCurrentThread(), TOKEN_ALL_ACCESS, TRUE, &client_token)) {
|
|
|
|
|
std::cout << "OpenThreadToken failed: " << util::ErrorString(GetLastError()) << std::endl;
|
2010-05-21 03:13:36 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
switch (type) {
|
|
|
|
|
case DirRead:
|
2010-05-23 22:39:14 +02:00
|
|
|
case FileRead: {
|
|
|
|
|
access_check = FILE_READ_DATA;
|
|
|
|
|
MapGenericMask(&access_check, &generic_mapping);
|
|
|
|
|
if(!AccessCheck(sd, client_token, access_check, &generic_mapping, &priv_set, &priv_set_size, &access, &access_ok)) {
|
|
|
|
|
std::cout << "AccessCheck failed: " << util::ErrorString(GetLastError()) << std::endl;
|
|
|
|
|
}
|
|
|
|
|
free(sd);
|
|
|
|
|
if (!access)
|
2010-05-21 03:13:36 +02:00
|
|
|
throw AcsRead("File or directory is not readable.");
|
2010-05-23 22:39:14 +02:00
|
|
|
break;
|
|
|
|
|
}
|
2010-05-21 03:13:36 +02:00
|
|
|
case DirWrite:
|
2010-05-23 22:39:14 +02:00
|
|
|
case FileWrite: {
|
|
|
|
|
access_check = FILE_APPEND_DATA | FILE_WRITE_DATA;
|
|
|
|
|
MapGenericMask(&access_check, &generic_mapping);
|
|
|
|
|
if(!AccessCheck(sd, client_token, access_check, &generic_mapping, &priv_set, &priv_set_size, &access, &access_ok)) {
|
|
|
|
|
std::cout << "AccessCheck failed: " << util::ErrorString(GetLastError()) << std::endl;
|
|
|
|
|
}
|
|
|
|
|
free(sd);
|
|
|
|
|
if (!access)
|
2010-05-21 03:13:36 +02:00
|
|
|
throw AcsWrite("File or directory is not writable.");
|
2010-05-23 22:39:14 +02:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
default: {
|
|
|
|
|
std::cout << "Warning: type not handled" << std::endl;
|
|
|
|
|
free(sd);
|
|
|
|
|
}
|
2010-05-21 03:13:36 +02:00
|
|
|
}
|
2010-05-23 22:39:14 +02:00
|
|
|
|
2010-05-21 03:13:36 +02:00
|
|
|
}
|
2010-05-23 22:39:14 +02:00
|
|
|
|
|
|
|
|
} // namespace Access
|
|
|
|
|
} // namespace agi
|
