Hawkin
/
arangodb
mirror of https://gitee.com/bigwinds/arangodb
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

fix underflow in copying code (#10264)

This commit is contained in:
Jan 2019-10-16 16:54:55 +02:00 committed by GitHub
parent cfce3d8df8
commit 87bac40abb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 20 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
arangod/V8Server/V8DealerFeature.cpp
View File

@ -513,18 +513,16 @@ void V8DealerFeature::copyInstallationFiles() {
// don't copy files in .bin // don't copy files in .bin
return true; return true;
} }
if (filename.size() >= nodeModulesPath.size()) { std::string normalized = filename;
std::string normalized = filename; FileUtils::normalizePath(normalized);
FileUtils::normalizePath(normalized); if ((!nodeModulesPath.empty() &&
if ((!nodeModulesPath.empty() && normalized.size() >= nodeModulesPath.size() &&
normalized.size() >= nodeModulesPath.size() && normalized.substr(normalized.size() - nodeModulesPath.size(), nodeModulesPath.size()) == nodeModulesPath) ||
normalized.substr(normalized.size() - nodeModulesPath.size(), nodeModulesPath.size()) == nodeModulesPath) || (!nodeModulesPathVersioned.empty() &&
(!nodeModulesPathVersioned.empty() && normalized.size() >= nodeModulesPathVersioned.size() &&
normalized.size() >= nodeModulesPathVersioned.size() && normalized.substr(normalized.size() - nodeModulesPathVersioned.size(), nodeModulesPathVersioned.size()) == nodeModulesPathVersioned)) {
normalized.substr(normalized.size() - nodeModulesPathVersioned.size(), nodeModulesPathVersioned.size()) == nodeModulesPathVersioned)) { // filter it out!
// filter it out! return true;
return true;
}
} }
// let the file/directory pass through // let the file/directory pass through
return false; return false;

21
arangosh/Shell/V8ShellFeature.cpp
View File

@ -288,17 +288,16 @@ void V8ShellFeature::copyInstallationFiles() {
return true; return true;
} }
if (filename.size() >= nodeModulesPath.size()) { std::string normalized = filename;
std::string normalized = filename; FileUtils::normalizePath(normalized);
FileUtils::normalizePath(normalized); if ((!nodeModulesPath.empty() &&
TRI_ASSERT(filename.size() == normalized.size()); normalized.size() >= nodeModulesPath.size() &&
if (normalized.substr(normalized.size() - nodeModulesPath.size(), normalized.substr(normalized.size() - nodeModulesPath.size(), nodeModulesPath.size()) == nodeModulesPath) ||
nodeModulesPath.size()) == nodeModulesPath || (!nodeModulesPathVersioned.empty() &&
normalized.substr(normalized.size() - nodeModulesPathVersioned.size(), normalized.size() >= nodeModulesPathVersioned.size() &&
nodeModulesPathVersioned.size()) == nodeModulesPathVersioned) { normalized.substr(normalized.size() - nodeModulesPathVersioned.size(), nodeModulesPathVersioned.size()) == nodeModulesPathVersioned)) {
// filter it out! // filter it out!
return true; return true;
}
} }
// let the file/directory pass through // let the file/directory pass through
return false; return false;