(url-handler-directory-file-name): New handler.

(url-file-local-copy): Plug race condition security hole.
author: Stefan Monnier 2006-03-29 08:00:09 +0000
committer: Stefan Monnier 2006-03-29 08:00:09 +0000
commit: bdba217b303242c4556aec783fbb080092458a1d (patch)
tree: ec276118383307bbec49ab11a7c5c66ff4fb67bd
parent: 29314e0fd78063d663bd272787d0ea81cc61e38e (diff)
download: emacs-bdba217b303242c4556aec783fbb080092458a1d.tar.gz
emacs-bdba217b303242c4556aec783fbb080092458a1d.zip
2 files changed, 25 insertions, 1 deletions
diff --git a/lisp/url/ChangeLog b/lisp/url/ChangeLog
index e7e358bb894..7d9e289e8e5 100644
--- a/lisp/url/ChangeLog
+++ b/lisp/url/ChangeLog
@@ -1,3 +1,8 @@
+2006-03-29  Stefan Monnier  <monnier@iro.umontreal.ca>
+        * url-handlers.el (url-handler-directory-file-name): New handler.
+        (url-file-local-copy): Plug race condition security hole.
 2006-03-27  Romain Francoise  <romain@orebokech.com>
        * url-irc.el (url-irc-rcirc, url-irc-erc): New functions.
diff --git a/lisp/url/url-handlers.el b/lisp/url/url-handlers.el
index 0338eefd268..00fc415659e 100644
--- a/lisp/url/url-handlers.el
+++ b/lisp/url/url-handlers.el
@@ -151,6 +151,8 @@ the arguments that would have been passed to OPERATION."
 (put 'substitute-in-file-name 'url-file-handlers 'url-file-handler-identity)
 (put 'file-name-absolute-p 'url-file-handlers (lambda (&rest ignored) t))
 (put 'expand-file-name 'url-file-handlers 'url-handler-expand-file-name)
+(put 'directory-file-name 'url-file-handlers 'url-handler-directory-file-name)
+;; (put 'file-name-as-directory 'url-file-handlers 'url-handler-file-name-as-directory)
 ;; These are operations that we do not support yet (DAV!!!)
 (put 'file-writable-p 'url-file-handlers 'ignore)
@@ -160,10 +162,27 @@ the arguments that would have been passed to OPERATION."
 (put 'vc-registered 'url-file-handlers 'ignore)
 (defun url-handler-expand-file-name (file &optional base)
+  ;; When we see "/foo/bar" in a file whose working dir is "http://bla/bla",
+  ;; there are two interpretations possible: either it's a local "/foo/bar"
+  ;; or it's "http:/bla/foo/bar".  When working with URLs, the second
+  ;; interpretation is the right one, but when working with Emacs file
+  ;; names, the first is preferred.
  (if (file-name-absolute-p file)
      (expand-file-name file "/")
    (url-expand-file-name file base)))
+;; directory-file-name and file-name-as-directory are kind of hard to
+;; implement really right for URLs since URLs can have repeated / chars.
+;; We'd want the following behavior:
+;; idempotence: (d-f-n (d-f-n X) == (d-f-n X)
+;; idempotence: (f-n-a-d (f-n-a-d X) == (f-n-a-d X)
+;; reversible:  (d-f-n (f-n-a-d (d-f-n X))) == (d-f-n X)
+;; reversible:  (f-n-a-d (d-f-n (f-n-a-d X))) == (f-n-a-d X)
+(defun url-handler-directory-file-name (dir)
+  ;; When there's more than a single /, just don't touch the slashes at all.
+  (if (string-match "//\\'" dir) dir
+    (url-run-real-handler 'directory-file-name (list dir))))
 ;; The actual implementation
 ;;;###autoload
 (defun url-copy-file (url newname &optional ok-if-already-exists keep-time)
@@ -193,7 +212,7 @@ A prefix arg makes KEEP-TIME non-nil."
  "Copy URL into a temporary file on this machine.
 Returns the name of the local copy, or nil, if FILE is directly
 accessible."
-  (let ((filename (make-temp-name "url")))
+  (let ((filename (make-temp-file "url")))
    (url-copy-file url filename)
    filename))
author	Stefan Monnier	2006-03-29 08:00:09 +0000
committer	Stefan Monnier	2006-03-29 08:00:09 +0000
commit	bdba217b303242c4556aec783fbb080092458a1d (patch)
tree	ec276118383307bbec49ab11a7c5c66ff4fb67bd
parent	29314e0fd78063d663bd272787d0ea81cc61e38e (diff)
download	emacs-bdba217b303242c4556aec783fbb080092458a1d.tar.gz emacs-bdba217b303242c4556aec783fbb080092458a1d.zip