Audacity  3.0.3
XMLValueChecker Class Reference

XMLValueChecker implements static bool methods for checking input values from XML files.

#include <XMLTagHandler.h>

Static Public Member Functions

static bool IsGoodString (const wxString &str)
 
static bool IsGoodLongString (const wxString &str)
 
static bool IsGoodFileName (const FilePath &strFileName, const FilePath &strDirName={})
 
static bool IsGoodFileString (const FilePath &str)
 
static bool IsGoodSubdirName (const FilePath &strSubdirName, const FilePath &strDirName={})
 
static bool IsGoodPathName (const FilePath &strPathName)
 
static bool IsGoodPathString (const FilePath &str)
 
static bool IsGoodInt (const wxString &strInt)
 Check that the supplied string can be converted to a long (32bit) integer.
 
static bool IsGoodInt64 (const wxString &strInt)
 Check that the supplied string can be converted to a 64bit integer.
 
static bool IsGoodIntForRange (const wxString &strInt, const wxString &strMAXABS)
 

Detailed Description

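XMLValueChecker implements static bool methods for checking input values from XML files. The values are treated as possibly corrupted or deliberately crafted: the checks bound string lengths, reject embedded null characters, require strictly formatted decimal integers, and restrict file and subdirectory names to a single path component.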

Definition at line 22 of file XMLTagHandler.h.

Member Function Documentation

◆ IsGoodFileName()

bool XMLValueChecker::IsGoodFileName ( const FilePath strFileName,
const FilePath strDirName = {} 
)
static

Definition at line 58 of file XMLTagHandler.cpp.

/// @brief Check that strFileName is an acceptable file-name component and that
///        it names an existing file inside strDirName.
/// @param strFileName  File name only; it must pass IsGoodFileString().
/// @param strDirName   Directory the name is joined with. It counts toward the
///                     length limit but is not otherwise inspected here, so the
///                     caller decides which directory is acceptable.
/// @return true when the name passes IsGoodFileString(), the combined length
///         (directory + one separator + name) does not exceed PLATFORM_MAX_PATH,
///         and the resulting wxFileName is well-formed and the file exists.
/// @note The existence test describes the file system at the time of the call
///       only; a later open can still fail and must be checked by the caller.
bool XMLValueChecker::IsGoodFileName(const FilePath &strFileName, const FilePath &strDirName)
{
   // Validate the bare name before it is combined with anything.
   if (!IsGoodFileString(strFileName))
      return false;

   // The "+ 1" accounts for the separator between directory and name.
   const auto combinedLength = strDirName.length() + 1 + strFileName.length();
   if (combinedLength > PLATFORM_MAX_PATH)
      return false;

   // Let wxFileName judge the joined path and look it up on disk.
   const wxFileName candidate(strDirName, strFileName);
   return candidate.IsOk() && candidate.FileExists();
}

References IsGoodFileString(), and PLATFORM_MAX_PATH.

Referenced by AUPImportFileHandle::HandleImport(), AUPImportFileHandle::HandlePCMAliasBlockFile(), and IsGoodPathName().


◆ IsGoodFileString()

bool XMLValueChecker::IsGoodFileString ( const FilePath str)
static

Definition at line 70 of file XMLTagHandler.cpp.

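/// @brief Check that str is usable as a single file-name component.
/// @param str  Candidate component taken from XML input.
/// @return true when str passes IsGoodString(), is non-empty, is at most 260
///         characters long, and contains no path separator character.
/// @note "." and ".." are not rejected here; IsGoodSubdirName() adds that test
///       for directory components.
bool XMLValueChecker::IsGoodFileString(const FilePath &str)
{
   if (!IsGoodString(str) || str.empty())
      return false;

   // FILENAME_MAX is 260 in MSVC, but inconsistent across platforms,
   // sometimes huge, but we use 260 for all platforms.
   if (str.length() > 260)
      return false;

   // Reject every separator wxWidgets recognises for the native path format,
   // not only the preferred one returned by GetPathSeparator(). On Windows
   // both '\\' and '/' separate path components, so testing a single
   // character would let a name containing the other one pass as a
   // "single component".
   const wxString separators = wxFileName::GetPathSeparators();
   for (size_t i = 0; i < separators.length(); ++i)
      if (str.Find(separators[i]) != wxNOT_FOUND)
         return false;

   return true;
}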

References IsGoodString().

Referenced by AUPImportFileHandle::HandleSimpleBlockFile(), IsGoodFileName(), and IsGoodSubdirName().


◆ IsGoodInt()

bool XMLValueChecker::IsGoodInt ( const wxString &  strInt)
static

Check that the supplied string can be converted to a long (32bit) integer.

Note that because wxString::ToLong does additional testing, IsGoodInt doesn't duplicate that testing, so use wxString::ToLong after IsGoodInt, not just atoi.

Parameters
strInt: The string to test
Returns
true if the string is convertible, false if not

Definition at line 157 of file XMLTagHandler.cpp.

/// @brief Check that strInt is the decimal text of a value in [-2^31, 2^31 - 1].
/// @param strInt  The string to test.
/// @return true if IsGoodIntForRange() accepts strInt against the 32-bit
///         magnitude bound, false otherwise.
/// @note This is a format and range pre-check only; the conversion itself is
///       still done by the caller (the class documentation recommends
///       wxString::ToLong).
bool XMLValueChecker::IsGoodInt(const wxString &strInt)
{
   // Signed 32-bit range: -2,147,483,648 to +2,147,483,647, i.e. -2^31 to 2^31-1.
   // The bound is the magnitude of the most negative value.
   const wxString maxAbs32("2147483648");
   return IsGoodIntForRange(strInt, maxAbs32);
}

References IsGoodIntForRange().

Referenced by SqliteSampleBlockFactory::DoCreateFromXML(), Track::HandleCommonXMLAttribute(), AUPImportFileHandle::HandlePCMAliasBlockFile(), AUPImportFileHandle::HandleProject(), AUPImportFileHandle::HandleSequence(), AUPImportFileHandle::HandleSilentBlockFile(), AUPImportFileHandle::HandleSimpleBlockFile(), PlayableTrack::HandleXMLAttribute(), TrackView::HandleXMLAttribute(), VSTEffect::HandleXMLTag(), Envelope::HandleXMLTag(), LabelTrack::HandleXMLTag(), NoteTrack::HandleXMLTag(), Sequence::HandleXMLTag(), TimeTrack::HandleXMLTag(), and WaveTrack::HandleXMLTag().


◆ IsGoodInt64()

bool XMLValueChecker::IsGoodInt64 ( const wxString &  strInt)
static

Check that the supplied string can be converted to a 64bit integer.

Note that because wxString::ToLongLong does additional testing, IsGoodInt64 doesn't duplicate that testing, so use wxString::ToLongLong after IsGoodInt64, not just atoll.

Parameters
strInt: The string to test
Returns
true if the string is convertible, false if not

Definition at line 163 of file XMLTagHandler.cpp.

/// @brief Check that strInt is the decimal text of a value in [-2^63, 2^63 - 1].
/// @param strInt  The string to test.
/// @return true if IsGoodIntForRange() accepts strInt against the 64-bit
///         magnitude bound, false otherwise.
/// @note This is a format and range pre-check only; the conversion itself is
///       still done by the caller (the class documentation recommends
///       wxString::ToLongLong).
bool XMLValueChecker::IsGoodInt64(const wxString &strInt)
{
   // Signed 64-bit range: -9,223,372,036,854,775,808 to
   // +9,223,372,036,854,775,807, i.e. -2^63 to 2^63-1.
   // The bound is the magnitude of the most negative value.
   const wxString maxAbs64("9223372036854775808");
   return IsGoodIntForRange(strInt, maxAbs64);
}

References IsGoodIntForRange().

Referenced by AUPImportFileHandle::HandlePCMAliasBlockFile(), AUPImportFileHandle::HandleSequence(), AUPImportFileHandle::HandleWaveBlock(), and Sequence::HandleXMLTag().


◆ IsGoodIntForRange()

bool XMLValueChecker::IsGoodIntForRange ( const wxString &  strInt,
const wxString &  strMAXABS 
)
static

Definition at line 113 of file XMLTagHandler.cpp.

/// @brief Decide, by text comparison alone, whether strInt is a decimal integer
///        in the range [-strMAXABS, strMAXABS - 1].
/// @param strInt     Candidate text. Only an optional leading '-' followed by
///                   the characters '0'..'9' is accepted: no spaces, no commas,
///                   and no '+' sign.
/// @param strMAXABS  Decimal digits of the magnitude of the most negative
///                   allowed value (for example "2147483648").
/// @return true when strInt is well-formed and cannot overflow the range.
/// @note Leading zeros count as digits. A zero-padded value with more digits
///       than strMAXABS is rejected even when it is numerically small.
bool XMLValueChecker::IsGoodIntForRange(const wxString &strInt, const wxString &strMAXABS)
{
   if (!IsGoodString(strInt))
      return false;

   const size_t maxDigits = strMAXABS.length();
   const size_t totalLength = strInt.length();

   if (totalLength < 1)
      return false;

   // A minus sign is only recognised in the first position.
   const bool isNegative = (strInt[0] == '-');
   const size_t firstDigit = isNegative ? 1 : 0;
   if (totalLength <= firstDigit)
      return false; // a lone '-' carries no digits

   // More digits than the bound has: the value cannot fit.
   const size_t digitCount = totalLength - firstDigit;
   if (digitCount > maxDigits)
      return false;

   // Everything after the optional sign must be an ASCII digit.
   for (size_t pos = firstDigit; pos < totalLength; ++pos) {
      if (strInt[pos] < '0' || strInt[pos] > '9')
         return false;
   }

   // Fewer digits than the bound: too short to overflow.
   if (digitCount < maxDigits)
      return true;

   // Same digit count as the bound: compare digit by digit, and let the
   // first differing digit decide.
   for (size_t k = 0; k < maxDigits; ++k) {
      if (strInt[firstDigit + k] < strMAXABS[k])
         return true; // number is small enough
      if (strInt[firstDigit + k] > strMAXABS[k])
         return false; // number is too big
   }

   // The digits equal strMAXABS exactly. That magnitude exists only on the
   // negative side of the range.
   return isNegative;
}

References IsGoodString().

Referenced by IsGoodInt(), and IsGoodInt64().


◆ IsGoodLongString()

bool XMLValueChecker::IsGoodLongString ( const wxString &  str)
static

Definition at line 51 of file XMLTagHandler.cpp.

/// @brief Check that str contains no embedded null character.
/// @param str  The string to test.
/// @return true when no '\0' is found inside str.
/// @note No length limit is applied here; IsGoodString() adds the 4096-character
///       cap on top of this test.
bool XMLValueChecker::IsGoodLongString(const wxString &str)
{
   // Forward search (fromEnd == false). The terminator itself is not part of
   // the searched contents, so any hit is an embedded null.
   const int nulPosition = str.Find('\0', false);
   return nulPosition == wxNOT_FOUND;
}

Referenced by LabelTrack::HandleXMLTag(), Tags::HandleXMLTag(), WaveClip::HandleXMLTag(), and IsGoodString().


◆ IsGoodPathName()

bool XMLValueChecker::IsGoodPathName ( const FilePath strPathName)
static

Definition at line 98 of file XMLTagHandler.cpp.

/// @brief Check a full path by splitting it into directory and file name and
///        delegating to IsGoodFileName().
/// @param strPathName  Path to an existing file, as read from XML input.
/// @return The result of IsGoodFileName() for the split components.
/// @note The directory part is used as given: this function does not confine
///       the path to any particular base directory. Callers that need such a
///       restriction have to enforce it themselves.
bool XMLValueChecker::IsGoodPathName(const FilePath &strPathName)
{
   // Let wxFileName do the splitting, so the name component handed on holds
   // only what wxFileName considers the last path element.
   const wxFileName parsed(strPathName);
   const auto leafName = parsed.GetFullName();
   const auto directory = parsed.GetPath(wxPATH_GET_VOLUME);
   return XMLValueChecker::IsGoodFileName(leafName, directory);
}

References IsGoodFileName().

Referenced by AUPImportFileHandle::HandleImport(), and AUPImportFileHandle::HandlePCMAliasBlockFile().


◆ IsGoodPathString()

bool XMLValueChecker::IsGoodPathString ( const FilePath str)
static

Definition at line 105 of file XMLTagHandler.cpp.

/// @brief Check that str is plausible as path text: a good string, non-empty,
///        and no longer than PLATFORM_MAX_PATH.
/// @param str  Candidate path text.
/// @return true when all three conditions hold.
/// @note Both the 4096-character cap inside IsGoodString() and
///       PLATFORM_MAX_PATH apply. Path separators and ".." components are not
///       examined here, and nothing is looked up on disk.
bool XMLValueChecker::IsGoodPathString(const FilePath &str)
{
   if (!IsGoodString(str))
      return false;
   if (str.empty())
      return false;
   return str.length() <= PLATFORM_MAX_PATH;
}

References IsGoodString(), and PLATFORM_MAX_PATH.

Referenced by AUPImportFileHandle::HandlePCMAliasBlockFile().


◆ IsGoodString()

bool XMLValueChecker::IsGoodString ( const wxString &  str)
static

Definition at line 38 of file XMLTagHandler.cpp.

/// @brief Check that str has no embedded null character and is at most 4096
///        characters long.
/// @param str  The string to test.
/// @return true when IsGoodLongString() accepts str and its length is within
///         the cap.
bool XMLValueChecker::IsGoodString(const wxString &str)
{
   // Originally based on MAX_PATH, which is way too limiting and just wrong,
   // since the length check is for a plain string and not a filename.
   // There shouldn't be any reason for longer strings, except intentional
   // file corruption.
   return IsGoodLongString(str) && str.length() <= 4096;
}

References IsGoodLongString().

Referenced by Track::HandleCommonXMLAttribute(), AUPImportFileHandle::HandleImport(), AUPImportFileHandle::HandleProject(), AUPImportFileHandle::HandleTag(), AUPImportFileHandle::HandleTags(), CommandManager::HandleXMLTag(), EffectEqualization::HandleXMLTag(), VSTEffect::HandleXMLTag(), NoteTrack::HandleXMLTag(), ProjectFileIO::HandleXMLTag(), Tags::HandleXMLTag(), WaveClip::HandleXMLTag(), WaveTrack::HandleXMLTag(), IsGoodFileString(), IsGoodIntForRange(), and IsGoodPathString().


◆ IsGoodSubdirName()

bool XMLValueChecker::IsGoodSubdirName ( const FilePath strSubdirName,
const FilePath strDirName = {} 
)
static

Definition at line 82 of file XMLTagHandler.cpp.

/// @brief Check that strSubdirName is a single directory component that exists
///        directly inside strDirName.
/// @param strSubdirName  Subdirectory name; it must pass IsGoodFileString() and
///                       must not be "." or "..".
/// @param strDirName     Parent directory. It counts toward the length limit
///                       but is not otherwise inspected here.
/// @return true when the name is acceptable, the combined length does not
///         exceed PLATFORM_MAX_PATH, and the joined path is well-formed and
///         refers to an existing directory.
/// @note Separator rejection is delegated to IsGoodFileString(), so this guard
///       is only as strong as that function's separator test.
bool XMLValueChecker::IsGoodSubdirName(const FilePath &strSubdirName, const FilePath &strDirName)
{
   // Test strSubdirName.
   // Refusing path separators and the relative names "." and ".." keeps the
   // result inside strDirName. This fixes vulnerability #3 in the NGS report
   // for UmixIt, where an attacker could craft an AUP file with relative
   // pathnames to get to system files, for example.
   if (!IsGoodFileString(strSubdirName))
      return false;

   const bool isDotEntry =
      (strSubdirName == wxT(".")) || (strSubdirName == wxT(".."));
   if (isDotEntry)
      return false;

   // The "+ 1" accounts for the separator between parent and subdirectory.
   if (strDirName.length() + 1 + strSubdirName.length() > PLATFORM_MAX_PATH)
      return false;

   // Test the corresponding wxFileName.
   const wxFileName candidate(strDirName, strSubdirName);
   return candidate.IsOk() && candidate.DirExists();
}

References IsGoodFileString(), and PLATFORM_MAX_PATH.


The documentation for this class was generated from the following files:
XMLValueChecker::IsGoodString
static bool IsGoodString(const wxString &str)
Definition: XMLTagHandler.cpp:38
XMLValueChecker::IsGoodFileName
static bool IsGoodFileName(const FilePath &strFileName, const FilePath &strDirName={})
Definition: XMLTagHandler.cpp:58
XMLValueChecker::IsGoodFileString
static bool IsGoodFileString(const FilePath &str)
Definition: XMLTagHandler.cpp:70
XMLValueChecker::IsGoodLongString
static bool IsGoodLongString(const wxString &str)
Definition: XMLTagHandler.cpp:51
PLATFORM_MAX_PATH
#define PLATFORM_MAX_PATH
Definition: FileNames.h:22
XMLValueChecker::IsGoodIntForRange
static bool IsGoodIntForRange(const wxString &strInt, const wxString &strMAXABS)
Definition: XMLTagHandler.cpp:113