Skip to content

Commit 3ce7be0

Browse files
pringelmannpringelmann
committed
refactor(shares): fix TOCTOU in folder lookup
-e Signed-off-by: Peter Ringelmann <peter.ringelmann@nextcloud.com>
1 parent 050c2b9 commit 3ce7be0

File tree

2 files changed

+7
-12
lines changed

2 files changed

+7
-12
lines changed

lib/Controller/ShareApiController.php

Lines changed: 7 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -31,6 +31,7 @@
3131
use OCP\AppFramework\OCS\OCSNotFoundException;
3232
use OCP\AppFramework\OCSController;
3333
use OCP\Files\IRootFolder;
34+
use OCP\Files\NotFoundException;
3435
use OCP\IGroup;
3536
use OCP\IGroupManager;
3637
use OCP\IRequest;
@@ -274,12 +275,12 @@ public function updateShare(int $formId, int $shareId, array $keyValuePairs): Da
274275
if (in_array(Constants::PERMISSION_RESULTS, $keyValuePairs['permissions'], true)) {
275276
$userFolder = $this->rootFolder->getUserFolder($form->getOwnerId());
276277
$uploadedFilesFolderPath = $this->formsService->getFormUploadedFilesFolderPath($form);
277-
if ($userFolder->nodeExists($uploadedFilesFolderPath)) {
278+
try {
279+
/** @var \OCP\Files\Folder $folder */
278280
$folder = $userFolder->get($uploadedFilesFolderPath);
279-
} else {
281+
} catch (NotFoundException $e) {
280282
$folder = $userFolder->newFolder($uploadedFilesFolderPath);
281283
}
282-
/** @var \OCP\Files\Folder $folder */
283284

284285
$folderShare = $this->shareManager->newShare();
285286
$folderShare->setShareType($formShare->getShareType());
@@ -359,11 +360,11 @@ private function removeUploadedFilesShare(Form $form, Share $formShare): void {
359360

360361
$userFolder = $this->rootFolder->getUserFolder($form->getOwnerId());
361362
$uploadedFilesFolderPath = $this->formsService->getFormUploadedFilesFolderPath($form);
362-
if (!$userFolder->nodeExists($uploadedFilesFolderPath)) {
363+
try {
364+
$folder = $userFolder->get($uploadedFilesFolderPath);
365+
} catch (NotFoundException $e) {
363366
return;
364367
}
365-
366-
$folder = $userFolder->get($uploadedFilesFolderPath);
367368
$folderShares = $this->shareManager->getSharesBy($form->getOwnerId(), $formShare->getShareType(), $folder, false, -1);
368369
foreach ($folderShares as $folderShare) {
369370
if ($folderShare->getSharedWith() === $formShare->getShareWith()) {

tests/Unit/Controller/ShareApiControllerTest.php

Lines changed: 0 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -566,9 +566,6 @@ public function testDeleteShare_cleansUpFileShare(): void {
566566
// Mock the uploaded files folder lookup
567567
$folder = $this->createMock(Folder::class);
568568
$userFolder = $this->createMock(Folder::class);
569-
$userFolder->expects($this->once())
570-
->method('nodeExists')
571-
->willReturn(true);
572569
$userFolder->expects($this->once())
573570
->method('get')
574571
->willReturn($folder);
@@ -864,9 +861,6 @@ public function testUpdateShare(array $share, string $formOwner, array $keyValue
864861
->willReturn($this->createMock(IUser::class));
865862

866863
$userFolder = $this->createMock(Folder::class);
867-
$userFolder->expects($this->any())
868-
->method('nodeExists')
869-
->willReturn(true);
870864

871865
$file = $this->createMock(File::class);
872866
$file->expects($this->any())

0 commit comments

Comments
 (0)