Audacity  3.0.3
XMLValueChecker Class Reference

XMLValueChecker implements static bool methods for checking input values from XML files.

#include <XMLTagHandler.h>

Public Types

enum  ChannelType { LeftChannel = 0, RightChannel = 1, MonoChannel = 2 }
 

Static Public Member Functions

static bool IsGoodString (const wxString &str)
 
static bool IsGoodLongString (const wxString &str)
 
static bool IsGoodFileName (const FilePath &strFileName, const FilePath &strDirName={})
 
static bool IsGoodFileString (const FilePath &str)
 
static bool IsGoodSubdirName (const FilePath &strSubdirName, const FilePath &strDirName={})
 
static bool IsGoodPathName (const FilePath &strPathName)
 
static bool IsGoodPathString (const FilePath &str)
 
static bool IsGoodInt (const wxString &strInt)
 Check that the supplied string can be converted to a long (32bit) integer.
 
static bool IsGoodInt64 (const wxString &strInt)
 Check that the supplied string can be converted to a 64bit integer.
 
static bool IsGoodIntForRange (const wxString &strInt, const wxString &strMAXABS)
 
static bool IsValidChannel (const int nValue)
 
static bool IsValidVisibleChannels (const int nValue)
 
static bool IsValidSampleFormat (const int nValue)
 

Detailed Description

XMLValueChecker implements static bool methods for checking input values from XML files.

Definition at line 28 of file XMLTagHandler.h.

Member Enumeration Documentation

◆ ChannelType

Enumerator
LeftChannel 
RightChannel 
MonoChannel 

Definition at line 66 of file XMLTagHandler.h.

{
   LeftChannel = 0,
   RightChannel = 1,
   MonoChannel = 2
};

Member Function Documentation

◆ IsGoodFileName()

bool XMLValueChecker::IsGoodFileName (const FilePath &strFileName, const FilePath &strDirName = {})
static

Definition at line 59 of file XMLTagHandler.cpp.

{
   // Test strFileName.
   if (!IsGoodFileString(strFileName) ||
         (strDirName.length() + 1 + strFileName.length() > PLATFORM_MAX_PATH))
      return false;

   // Test the corresponding wxFileName.
   wxFileName fileName(strDirName, strFileName);
   return (fileName.IsOk() && fileName.FileExists());
}

References IsGoodFileString(), and PLATFORM_MAX_PATH.

Referenced by LegacyBlockFile::BuildFromXML(), LegacyAliasBlockFile::BuildFromXML(), ODDecodeBlockFile::BuildFromXML(), ODPCMAliasBlockFile::BuildFromXML(), PCMAliasBlockFile::BuildFromXML(), AUPImportFileHandle::HandleImport(), AUPImportFileHandle::HandlePCMAliasBlockFile(), and IsGoodPathName().

◆ IsGoodFileString()

bool XMLValueChecker::IsGoodFileString (const FilePath &str)
static

Definition at line 71 of file XMLTagHandler.cpp.

{
   return (IsGoodString(str) &&
            !str.empty() &&

            // FILENAME_MAX is 260 in MSVC, but inconsistent across platforms,
            // sometimes huge, but we use 260 for all platforms.
            (str.length() <= 260) &&

            (str.Find(wxFileName::GetPathSeparator()) == -1)); // No path separator characters.
}

References IsGoodString().

Referenced by ODDecodeBlockFile::BuildFromXML(), ODPCMAliasBlockFile::BuildFromXML(), PCMAliasBlockFile::BuildFromXML(), SimpleBlockFile::BuildFromXML(), AUPImportFileHandle::HandleSimpleBlockFile(), IsGoodFileName(), and IsGoodSubdirName().

◆ IsGoodInt()

bool XMLValueChecker::IsGoodInt ( const wxString &  strInt)
static

Check that the supplied string can be converted to a long (32bit) integer.

Note that because wxString::ToLong does additional testing, IsGoodInt doesn't duplicate that testing, so use wxString::ToLong after IsGoodInt, not just atoi.

Parameters
strInt  The string to test
Returns
true if the string is convertible, false if not

Definition at line 158 of file XMLTagHandler.cpp.

{
   // Signed long: -2,147,483,648 to +2,147,483,647, i.e., -2^31 to 2^31-1
   return IsGoodIntForRange( strInt, "2147483648" );
}

References IsGoodIntForRange().

Referenced by LegacyBlockFile::BuildFromXML(), LegacyAliasBlockFile::BuildFromXML(), ODDecodeBlockFile::BuildFromXML(), ODPCMAliasBlockFile::BuildFromXML(), PCMAliasBlockFile::BuildFromXML(), SilentBlockFile::BuildFromXML(), SimpleBlockFile::BuildFromXML(), SqliteSampleBlockFactory::DoCreateFromXML(), Track::HandleCommonXMLAttribute(), AUPImportFileHandle::HandlePCMAliasBlockFile(), AUPImportFileHandle::HandleProject(), AUPImportFileHandle::HandleSequence(), AUPImportFileHandle::HandleSilentBlockFile(), AUPImportFileHandle::HandleSimpleBlockFile(), PlayableTrack::HandleXMLAttribute(), TrackView::HandleXMLAttribute(), VSTEffect::HandleXMLTag(), Envelope::HandleXMLTag(), LabelTrack::HandleXMLTag(), NoteTrack::HandleXMLTag(), Sequence::HandleXMLTag(), TimeTrack::HandleXMLTag(), and WaveTrack::HandleXMLTag().

◆ IsGoodInt64()

bool XMLValueChecker::IsGoodInt64 ( const wxString &  strInt)
static

Check that the supplied string can be converted to a 64bit integer.

Note that because wxString::ToLongLong does additional testing, IsGoodInt64 doesn't duplicate that testing, so use wxString::ToLongLong after IsGoodInt64, not just atoll.

Parameters
strInt  The string to test
Returns
true if the string is convertible, false if not

Definition at line 164 of file XMLTagHandler.cpp.

{
   // Signed 64-bit: -9,223,372,036,854,775,808 to +9,223,372,036,854,775,807, i.e., -2^63 to 2^63-1
   return IsGoodIntForRange( strInt, "9223372036854775808" );
}

References IsGoodIntForRange().

Referenced by LegacyAliasBlockFile::BuildFromXML(), ODDecodeBlockFile::BuildFromXML(), ODPCMAliasBlockFile::BuildFromXML(), PCMAliasBlockFile::BuildFromXML(), AUPImportFileHandle::HandlePCMAliasBlockFile(), AUPImportFileHandle::HandleSequence(), AUPImportFileHandle::HandleWaveBlock(), and Sequence::HandleXMLTag().

◆ IsGoodIntForRange()

bool XMLValueChecker::IsGoodIntForRange (const wxString &strInt, const wxString &strMAXABS)
static

Definition at line 114 of file XMLTagHandler.cpp.

{
   if (!IsGoodString(strInt))
      return false;

   // Check that the value won't overflow.
   // Must lie between -Range and +Range-1
   // We're strict about disallowing spaces and commas, and requiring minus sign to be first
   // char for negative. No + sign for positive numbers. It's disallowed, not optional.

   const size_t lenMAXABS = strMAXABS.length();
   const size_t lenStrInt = strInt.length();

   if( lenStrInt < 1 )
      return false;
   size_t offset = (strInt[0] == '-') ?1:0;
   if( lenStrInt <= offset )
      return false;// string too short, no digits in it.

   if (lenStrInt > (lenMAXABS + offset))
      return false;

   unsigned int i;
   for (i = offset; i < lenStrInt; i++)
      if (strInt[i] < '0' || strInt[i] > '9' )
         return false; // not a digit

   // All chars were digits.
   if( lenStrInt < (lenMAXABS + offset) )
      return true; // too few digits to overflow.

   // Numerical part is same length as strMAXABS
   for (i = 0; i < lenMAXABS; i++)
      if (strInt[i+offset] < strMAXABS[i])
         return true; // number is small enough
      else if (strInt[i+offset] > strMAXABS[i])
         return false; // number is too big.

   // Digits were textually equal to strMAXABS
   // That's OK if negative, but not OK if positive.
   return (strInt[0] == '-');
}

References IsGoodString().

Referenced by IsGoodInt(), and IsGoodInt64().
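
The validate-then-convert pattern that the notes on IsGoodInt() and IsGoodInt64() call for, as an added example that is not part of Audacity's source. It assumes std::string in place of wxString and strtoll in place of wxString::ToLong; fitsRange and parseInt32Attr are hypothetical names.

```cpp
#include <cerrno>
#include <cstdint>
#include <cstdio>
#include <cstdlib>
#include <string>

// Textual pre-check in the spirit of IsGoodIntForRange: optional leading '-',
// digits only, magnitude at most maxAbs (maxAbs itself only when negative).
bool fitsRange(const std::string &s, const std::string &maxAbs)
{
    const std::size_t offset = (!s.empty() && s[0] == '-') ? 1 : 0;
    const std::string digits = s.substr(offset);
    if (digits.empty() || digits.size() > maxAbs.size())
        return false;                    // no digits, or too many to fit
    for (char c : digits)
        if (c < '0' || c > '9')
            return false;                // '+', spaces, commas, NUL, ...
    if (digits.size() < maxAbs.size())
        return true;                     // too few digits to overflow
    // Equal-length digit strings compare lexicographically as numbers do.
    const int cmp = digits.compare(maxAbs);
    return cmp < 0 || (cmp == 0 && offset == 1);
}

// Hypothetical helper: validate the text, then convert with error checking
// (strtoll here stands in for wxString::ToLong; never a bare atoi).
bool parseInt32Attr(const std::string &value, std::int32_t &out)
{
    if (!fitsRange(value, "2147483648"))
        return false;
    errno = 0;
    char *end = nullptr;
    const long long v = std::strtoll(value.c_str(), &end, 10);
    if (errno != 0 || end != value.c_str() + value.size())
        return false;
    out = static_cast<std::int32_t>(v);  // in range, proven by fitsRange
    return true;
}

int main()
{
    // Constructed sample attribute values.
    const char *samples[] = {"2147483647", "-2147483648", "2147483648", "+1", "1,000"};
    std::int32_t v = 0;
    for (const char *s : samples)
        std::printf("%-12s %s\n", s, parseInt32Attr(s, v) ? "accepted" : "rejected");
    return 0;
}
```

Passing "9223372036854775808" as maxAbs gives the 64-bit check that IsGoodInt64() performs.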

◆ IsGoodLongString()

bool XMLValueChecker::IsGoodLongString ( const wxString &  str)
static

Definition at line 52 of file XMLTagHandler.cpp.

{
   return str.Find('\0', false) == wxNOT_FOUND; // No null characters except terminator.
}

Referenced by LabelTrack::HandleXMLTag(), Tags::HandleXMLTag(), and IsGoodString().

◆ IsGoodPathName()

bool XMLValueChecker::IsGoodPathName (const FilePath &strPathName)
static

Definition at line 99 of file XMLTagHandler.cpp.

{
   // Test the corresponding wxFileName.
   wxFileName fileName(strPathName);
   return XMLValueChecker::IsGoodFileName(fileName.GetFullName(), fileName.GetPath(wxPATH_GET_VOLUME));
}

References IsGoodFileName().

Referenced by LegacyAliasBlockFile::BuildFromXML(), ODDecodeBlockFile::BuildFromXML(), ODPCMAliasBlockFile::BuildFromXML(), PCMAliasBlockFile::BuildFromXML(), AUPImportFileHandle::HandleImport(), and AUPImportFileHandle::HandlePCMAliasBlockFile().

◆ IsGoodPathString()

bool XMLValueChecker::IsGoodPathString (const FilePath &str)
static

Definition at line 106 of file XMLTagHandler.cpp.

{
   return (IsGoodString(str) &&
            !str.empty() &&
            (str.length() <= PLATFORM_MAX_PATH));
}

References IsGoodString(), and PLATFORM_MAX_PATH.

Referenced by LegacyAliasBlockFile::BuildFromXML(), ODDecodeBlockFile::BuildFromXML(), ODPCMAliasBlockFile::BuildFromXML(), PCMAliasBlockFile::BuildFromXML(), and AUPImportFileHandle::HandlePCMAliasBlockFile().

◆ IsGoodString()

bool XMLValueChecker::IsGoodString ( const wxString &  str)
static

Definition at line 39 of file XMLTagHandler.cpp.

{
   // Originally based on MAX_PATH, which is way too limiting and just wrong since
   // the length check is for a plain string and not a filename
   if (IsGoodLongString(str) && str.length() <= 4096) // Shouldn't be any reason for longer strings, except intentional file corruption.
   {
      return true;
   }

   return false;
}

References IsGoodLongString().

Referenced by PCMAliasBlockFile::BuildFromXML(), SimpleBlockFile::BuildFromXML(), Track::HandleCommonXMLAttribute(), AUPImportFileHandle::HandleImport(), AUPImportFileHandle::HandleProject(), AUPImportFileHandle::HandleTag(), AUPImportFileHandle::HandleTags(), CommandManager::HandleXMLTag(), EffectEqualization::HandleXMLTag(), VSTEffect::HandleXMLTag(), NoteTrack::HandleXMLTag(), ProjectFileIO::HandleXMLTag(), Tags::HandleXMLTag(), WaveClip::HandleXMLTag(), WaveTrack::HandleXMLTag(), IsGoodFileString(), IsGoodIntForRange(), and IsGoodPathString().

◆ IsGoodSubdirName()

bool XMLValueChecker::IsGoodSubdirName (const FilePath &strSubdirName, const FilePath &strDirName = {})
static

Definition at line 83 of file XMLTagHandler.cpp.

{
   // Test strSubdirName.
   // Note this prevents path separators, and relative path to parents (strDirName),
   // so fixes vulnerability #3 in the NGS report for UmixIt,
   // where an attacker could craft an AUP file with relative pathnames to get to system files, for example.
   if (!IsGoodFileString(strSubdirName) ||
         (strSubdirName == wxT(".")) || (strSubdirName == wxT("..")) ||
         (strDirName.length() + 1 + strSubdirName.length() > PLATFORM_MAX_PATH))
      return false;

   // Test the corresponding wxFileName.
   wxFileName fileName(strDirName, strSubdirName);
   return (fileName.IsOk() && fileName.DirExists());
}

References IsGoodFileString(), and PLATFORM_MAX_PATH.
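
A stand-alone version of the component check described in the comment above, added here and not taken from Audacity's source. It goes beyond the listing by rejecting both '/' and '\' on every platform, where the original tests only wxFileName::GetPathSeparator(), and it omits the DirExists() test. std::string replaces FilePath; isSafeComponent, joinUnder and the value 260 used for PLATFORM_MAX_PATH are assumptions.

```cpp
#include <cstdio>
#include <string>
#include <vector>

static const std::size_t kMaxName = 260;  // limit used by IsGoodFileString
static const std::size_t kMaxPath = 260;  // assumed stand-in for PLATFORM_MAX_PATH

// Accept only a plain, single path component that cannot leave dirName.
bool isSafeComponent(const std::string &name, const std::string &dirName)
{
    if (name.empty() || name.size() > kMaxName)
        return false;
    if (name.find('\0') != std::string::npos)
        return false;                  // embedded NUL (IsGoodLongString)
    if (name.find_first_of("/\\") != std::string::npos)
        return false;                  // any separator, on any platform
    if (name == "." || name == "..")
        return false;                  // current or parent directory
    return dirName.size() + 1 + name.size() <= kMaxPath;
}

// Hypothetical helper: build base/c1/c2/... from untrusted components,
// checking each one against the directory built so far.
bool joinUnder(const std::string &base,
               const std::vector<std::string> &parts, std::string &out)
{
    std::string path = base;
    for (const std::string &p : parts) {
        if (!isSafeComponent(p, path))
            return false;
        path += '/';
        path += p;
    }
    out = path;
    return true;
}

int main()
{
    std::string out;
    // Constructed sample values, as they might appear in project XML.
    bool ok = joinUnder("/proj/song_data", {"e00", "d00", "e0000abc.au"}, out);
    std::printf("%s %s\n", ok ? "accepted" : "rejected", out.c_str());
    ok = joinUnder("/proj/song_data", {"..", "etc"}, out);
    std::printf("%s\n", ok ? "accepted" : "rejected");
    return 0;
}
```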

◆ IsValidChannel()

bool XMLValueChecker::IsValidChannel ( const int  nValue)
static

Definition at line 170 of file XMLTagHandler.cpp.

{
   return (nValue >= LeftChannel) && (nValue <= MonoChannel);
}

References LeftChannel, and MonoChannel.

Referenced by LegacyAliasBlockFile::BuildFromXML(), ODDecodeBlockFile::BuildFromXML(), ODPCMAliasBlockFile::BuildFromXML(), PCMAliasBlockFile::BuildFromXML(), and WaveTrack::HandleXMLTag().

◆ IsValidSampleFormat()

bool XMLValueChecker::IsValidSampleFormat ( const int  nValue)
static

Definition at line 182 of file XMLTagHandler.cpp.

{
   return (nValue == int16Sample) || (nValue == int24Sample) || (nValue == floatSample);
}

References floatSample, int16Sample, and int24Sample.

Referenced by LegacyBlockFile::BuildFromXML(), AUPImportFileHandle::HandleSequence(), Sequence::HandleXMLTag(), and WaveTrack::HandleXMLTag().

◆ IsValidVisibleChannels()

bool XMLValueChecker::IsValidVisibleChannels ( const int  nValue)
static

Definition at line 176 of file XMLTagHandler.cpp.

{
   return (nValue >= 0 && nValue < (1 << 16));
}

Referenced by NoteTrack::HandleXMLTag().
