prevent usage of db._useDatabase() in HTTP requests

2013-09-12 11:13:47 +02:00 · 2013-09-12 11:13:47 +02:00 · 6bbfb65f7c
parent 4a2626525c
commit 6bbfb65f7c
7 changed files with 23 additions and 8 deletions
--- a/arangod/RestServer/ArangoServer.cpp
+++ b/arangod/RestServer/ArangoServer.cpp
@ -788,7 +788,7 @@ int ArangoServer::executeConsole (OperationMode::server_operation_mode_e mode) {
  _applicationV8->start();

  // enter V8 context
-  ApplicationV8::V8Context* context = _applicationV8->enterContext(vocbase, true);
+  ApplicationV8::V8Context* context = _applicationV8->enterContext(vocbase, true, true);

  // .............................................................................
  // execute everything with a global scope
--- a/arangod/V8Server/ApplicationV8.cpp
+++ b/arangod/V8Server/ApplicationV8.cpp
@ -263,7 +263,8 @@ void ApplicationV8::skipUpgrade () {
 ////////////////////////////////////////////////////////////////////////////////

 ApplicationV8::V8Context* ApplicationV8::enterContext (TRI_vocbase_s* vocbase, 
-                                                       bool initialise) {
+                                                       bool initialise,
+                                                       bool allowUseDatabase) {
  CONDITION_LOCKER(guard, _contextCondition);

  while (_freeContexts.empty() && ! _stopping) {
@ -307,6 +308,7 @@ ApplicationV8::V8Context* ApplicationV8::enterContext (TRI_vocbase_s* vocbase,
  v8::HandleScope scope;
  TRI_v8_global_t* v8g = (TRI_v8_global_t*) v8::Isolate::GetCurrent()->GetData();  
  v8g->_vocbase = vocbase;
+  v8g->_allowUseDatabase = allowUseDatabase;
  
  return context;
 }
--- a/arangod/V8Server/ApplicationV8.h
+++ b/arangod/V8Server/ApplicationV8.h
@ -223,8 +223,9 @@ namespace triagens {
 /// @brief enters an context
 ////////////////////////////////////////////////////////////////////////////////

-        V8Context* enterContext (TRI_vocbase_s* vocbase, 
-                                 bool initialise);
+        V8Context* enterContext (TRI_vocbase_s*, 
+                                 bool,
+                                 bool);

 ////////////////////////////////////////////////////////////////////////////////
 /// @brief exists an context
@ -236,7 +237,7 @@ namespace triagens {
 /// @brief adds a global context functions to be executed asap
 ////////////////////////////////////////////////////////////////////////////////

-        void addGlobalContextMethod (string const& method);
+        void addGlobalContextMethod (string const&);

 ////////////////////////////////////////////////////////////////////////////////
 /// @brief runs the garbage collection
--- a/arangod/V8Server/v8-actions.cpp
+++ b/arangod/V8Server/v8-actions.cpp
@ -126,7 +126,7 @@ class v8_action_t : public TRI_action_t {
 ////////////////////////////////////////////////////////////////////////////////

    HttpResponse* execute (TRI_vocbase_t* vocbase, HttpRequest* request) {
-      ApplicationV8::V8Context* context = GlobalV8Dealer->enterContext(vocbase, false);
+      ApplicationV8::V8Context* context = GlobalV8Dealer->enterContext(vocbase, false, false);

      // note: the context might be 0 in case of shut-down
      if (context == 0) {
--- a/arangod/V8Server/v8-vocbase.cpp
+++ b/arangod/V8Server/v8-vocbase.cpp
@ -7701,9 +7701,14 @@ static v8::Handle<v8::Value> JS_UseDatabase (v8::Arguments const& argv) {
    TRI_V8_EXCEPTION_USAGE(scope, "db._useDatabase(<name>)");
  }

-  const string name = TRI_ObjectToString(argv[0]);
  TRI_v8_global_t* v8g = (TRI_v8_global_t*) v8::Isolate::GetCurrent()->GetData();  

+  if (! v8g->_allowUseDatabase) {
+    TRI_V8_EXCEPTION(scope, TRI_ERROR_FORBIDDEN);
+  }
+
+  const string name = TRI_ObjectToString(argv[0]);
+ 
  TRI_vocbase_t* vocbase = TRI_UseDatabaseServer((TRI_server_t*) v8g->_server, name.c_str());  

  if (vocbase != 0) {
--- a/lib/V8/v8-globals.cpp
+++ b/lib/V8/v8-globals.cpp
@ -111,7 +111,8 @@ TRI_v8_global_s::TRI_v8_global_s (v8::Isolate* isolate)
    _currentTransaction(0),
    _server(0),
    _vocbase(0),
-    _loader(0) 
+    _loader(0),
+    _allowUseDatabase(true) 
 {
  v8::HandleScope scope;

--- a/lib/V8/v8-globals.h
+++ b/lib/V8/v8-globals.h
@ -638,6 +638,12 @@ typedef struct TRI_v8_global_s {
 ////////////////////////////////////////////////////////////////////////////////

  void* _loader;
+
+////////////////////////////////////////////////////////////////////////////////
+/// @brief whether or not useDatabase() is allowed
+////////////////////////////////////////////////////////////////////////////////
+
+  bool _allowUseDatabase;
 }
 TRI_v8_global_t;