[Android] FileProvider: check canonical path for access
Geoffrey Métais
git at videolan.org
Tue Feb 5 15:31:09 CET 2019
vlc-android | branch: master | Geoffrey Métais <geoffrey.metais at gmail.com> | Tue Feb 5 15:00:36 2019 +0100| [86051dd9753a126e454726d9141566d4b1999262] | committer: Geoffrey Métais
FileProvider: check canonical path for access
Thank Shivasurya S <s.shivasurya at gmail.com> for this security report.
> https://code.videolan.org/videolan/vlc-android/commit/86051dd9753a126e454726d9141566d4b1999262
---
vlc-android/src/org/videolan/vlc/FileProvider.kt | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/vlc-android/src/org/videolan/vlc/FileProvider.kt b/vlc-android/src/org/videolan/vlc/FileProvider.kt
index 6d59fcf2d..7b353e732 100644
--- a/vlc-android/src/org/videolan/vlc/FileProvider.kt
+++ b/vlc-android/src/org/videolan/vlc/FileProvider.kt
@@ -27,8 +27,8 @@ class FileProvider : ContentProvider() {
override fun getType(uri: Uri) = "image/${uri.path?.substringAfterLast('.')}"
override fun openFile(uri: Uri, mode: String?): ParcelFileDescriptor {
- if (uri.path.startsWith("/data")) throw SecurityException("Illegal access")
val file = File(uri.path)
+ if (file.canonicalPath.startsWith("/data")) throw SecurityException("Illegal access")
if (file.exists()) {
return ParcelFileDescriptor.open(file, ParcelFileDescriptor.MODE_READ_ONLY)
}
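Review bot: The added check `file.canonicalPath.startsWith("/data")` is still a deny-list on a raw string prefix, so every readable file whose canonical path lies outside `/data` is still served, while unrelated names such as `/database` are rejected. Consider an allow-list instead: resolve once with `val file = File(uri.path).canonicalFile`, require that its path starts with the canonical path of the directory this provider is meant to expose plus a trailing separator, and pass that same resolved `file` to `ParcelFileDescriptor.open` so the path that was checked is the path that is opened. Two smaller points on the same lines: `canonicalPath` can throw `IOException`, which is worth mapping to `FileNotFoundException` in `openFile`, and `uri.path` is nullable (the `getType` line above already uses `uri.path?.`), so an explicit null check before `File(uri.path)` would make that failure mode clear.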