2006-04-07 Sebastien Pouliot <sebastien@ximian.com>

	* FileIOPermission.cs: Ensure the "bad" path characters match the OS
	ones. Reworked the code to avoid the modifiable array trap present in
	Fx 1.x and to be more precise in the 2.0 profile.

svn path=/trunk/mcs/; revision=59197

diff --git a/mcs/class/corlib/System.Security.Permissions/ChangeLog b/mcs/class/corlib/System.Security.Permissions/ChangeLog
index 58575413bc7f0b0b7b8432cb84926ba7a8317a13..3eae1ea941d7fbdbdf976215e9f46d585eb90f56 100644 (file)
--- a/mcs/class/corlib/System.Security.Permissions/ChangeLog
+++ b/mcs/class/corlib/System.Security.Permissions/ChangeLog
@@ -1,3 +1,9 @@
+2006-04-07  Sebastien Pouliot  <sebastien@ximian.com>
+
+       * FileIOPermission.cs: Ensure the "bad" path characters match the OS
+       ones. Reworked the code to avoid the modifiable array trap present in
+       Fx 1.x and to be more precise in the 2.0 profile.
+
 2005-11-14  Carlos Alberto Cortez <calberto.cortez@gmail.com>
 
        * IsolatedStoragePermission.cs: Updated FromXml with

diff --git a/mcs/class/corlib/System.Security.Permissions/FileIOPermission.cs b/mcs/class/corlib/System.Security.Permissions/FileIOPermission.cs
index 791b8eb03d47d6cee340d3ab1a93ab4ff9b22a6e..cba7df96023bd9644c42247750ff20827bcf3306 100644 (file)
--- a/mcs/class/corlib/System.Security.Permissions/FileIOPermission.cs
+++ b/mcs/class/corlib/System.Security.Permissions/FileIOPermission.cs
@@ -47,7 +47,28 @@ namespace System.Security.Permissions {
                 : CodeAccessPermission, IBuiltInPermission, IUnrestrictedPermission {\r
 
                private const int version = 1;
-               private static char[] m_badCharacters = {'\"','<', '>', '|', '*', '?'};\r
+
+#if NET_2_0
+               private static char[] BadPathNameCharacters;
+               private static char[] BadFileNameCharacters;
+
+               static FileIOPermission ()
+               {
+                       // we keep a local (static) copies to avoid calls/allocations
+                       BadPathNameCharacters = Path.GetInvalidPathChars ();
+                       BadFileNameCharacters = Path.GetInvalidFileNameChars ();
+               }
+#else
+               private static char[] m_badCharacters;
+
+               static FileIOPermission ()
+               {
+                       // note: deprecated in 2.0 as InvalidPathChars is an array (i.e. items can be
+                       // modified). Anyway we keep our own copy, which should be called by the 
+                       // security manager before anyone has the chance to change it.
+                       m_badCharacters = (char[]) Path.InvalidPathChars.Clone ();
+               }
+#endif\r
 
                private bool m_Unrestricted = false;\r
                private FileIOPermissionAccess m_AllFilesAccess = FileIOPermissionAccess.NoAccess;\r
@@ -438,10 +459,24 @@ namespace System.Security.Permissions {
 
                internal void ThrowIfInvalidPath (string path)
                {
+#if NET_2_0
+                       string dir = Path.GetDirectoryName (path);
+                       if ((dir != null) && (dir.LastIndexOfAny (BadPathNameCharacters) >= 0)) {
+                               string msg = String.Format (Locale.GetText ("Invalid path characters in path: '{0}'"), path);\r
+                               throw new ArgumentException (msg, "path");\r
+                       }
+\r
+                       string fname = Path.GetFileName (path);
+                       if ((fname != null) && (fname.LastIndexOfAny (BadFileNameCharacters) >= 0)) {
+                               string msg = String.Format (Locale.GetText ("Invalid filename characters in path: '{0}'"), path);\r
+                               throw new ArgumentException (msg, "path");\r
+                       }
+#else
                        if (path.LastIndexOfAny (m_badCharacters) >= 0) {\r
                                string msg = String.Format (Locale.GetText ("Invalid characters in path: '{0}'"), path);\r
                                throw new ArgumentException (msg, "path");\r
-                       }\r
+                       }
+#endif\r
                        // LAMESPEC: docs don't say it must be a rooted path, but the MS implementation enforces it, so we will too.\r
                        if (!Path.IsPathRooted (path)) {
                                string msg = Locale.GetText ("Absolute path information is required.");