From 8ca680356a1212fa2019d56b8f5772f302513fc6 Mon Sep 17 00:00:00 2001
From: Stephane Glondu
Date: Tue, 11 Mar 2008 13:00:55 +0100
Subject: [PATCH] Mise jour de MoinMoin
darcs-hash:20080311120055-61eff-242468a771560577643cf49e457370f91e1bd8ac.gz
---
 wiki/user.py | 19 ++++++++++++++-----
 1 file changed, 14 insertions(+), 5 deletions(-)
diff --git a/wiki/user.py b/wiki/user.py
index 22e902b2..8f5c6f5b 100644
--- a/wiki/user.py
+++ b/wiki/user.py
@@ -6,7 +6,7 @@
 @license: GNU GPL, see COPYING for details.
 """
-import os, time, sha, codecs
+import os, time, sha, codecs, re
 try:
 import cPickle as pickle
@@ -19,6 +19,7 @@ PICKLE_PROTOCOL = pickle.HIGHEST_PROTOCOL
 from MoinMoin import config, caching, wikiutil
 from MoinMoin.util import filesys, timefuncs
+USERID_re = re.compile(r'^\d+\.\d+(\.\d+)?$')
 def getUserList(request):
 """ Get a list of all (numerical) user IDs.
@@ -27,10 +28,9 @@ def getUserList(request):
 @rtype: list
 @return: all user IDs
 """
- import re, dircache
- user_re = re.compile(r'^\d+\.\d+(\.\d+)?$')
+ import dircache
 files = dircache.listdir(request.cfg.user_dir)
- userlist = [f for f in files if user_re.match(f)]
+ userlist = [f for f in files if USERID_re.match(f)]
 return userlist
@@ -210,7 +210,7 @@ class User:
 self._cfg = request.cfg
 self.valid = 0
 self.trusted = 0
- self.id = id
+ self.id = self.id_sanitycheck(id)
 self.auth_username = auth_username
 self.auth_method = kw.get('auth_method', 'internal')
 self.auth_attribs = kw.get('auth_attribs', ())
@@ -299,6 +299,15 @@ class User:
 from random import randint
 return "%s.%d" % (str(time.time()), randint(0,65535))
+ def id_sanitycheck(self, id):
+ """ only return valid user IDs, avoid someone faking his cookie to
+ contain '../../../somefile', breaking out of the data/user/ directory!
+ """
+ if id and USERID_re.match(id):
+ return id
+ else:
+ return None
+
 def create_or_update(self, changed=False):
 """ Create or update a user profile
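Review bot: The `$` anchor in the new USERID_re (`r'^\d+\.\d+(\.\d+)?$'`) also matches just before a trailing newline, so `USERID_re.match('123.45\n')` succeeds and id_sanitycheck in the last hunk would hand that value back as a valid ID; anchoring with `\Z` instead, `USERID_re = re.compile(r'^\d+\.\d+(\.\d+)?\Z')`, rejects it. For getUserList the difference is immaterial, but the same pattern is now the gate for a cookie-supplied value, where strictness is the point. As a style note, USERID_re mixes cases for a module-level constant while the neighbouring PICKLE_PROTOCOL is all upper-case; USERID_RE would follow the file's own convention.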
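Review bot: The changed line in __init__ drops an ID that fails id_sanitycheck silently: self.id becomes None and nothing records that a malformed, possibly forged, cookie value was presented. Since the check exists to catch path-traversal attempts, that rejection is precisely the event worth logging at warning level, through whatever logging facility the wiki already uses, before falling back to None. I am assuming the rest of __init__, which lies outside this hunk, already treats self.id None as the no-user case; that is worth confirming, since previously any non-empty id passed straight through.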
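Review bot: id_sanitycheck's docstring omits the @param/@rtype/@return tags the file uses elsewhere (compare getUserList's `@rtype: list` / `@return: all user IDs` in the earlier hunk); suggest adding `@param id: candidate user ID, typically taken from the cookie`, `@rtype: string or None` and `@return: id unchanged if it matches USERID_re, else None`. The method reads no instance state, so it could be a `@staticmethod` (or a module-level function next to USERID_re), which would also make it usable before a User instance exists. The `else:` after `return id` is redundant; a plain `return None` at function level is the usual form. The enclosing class User starts before this hunk; the method itself is entirely inside it.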