From 034e39b2feaa9e4a3427ef7f7072f4fe766093c1 Mon Sep 17 00:00:00 2001 From: Alexandre Julliard Date: Wed, 5 Jun 2002 00:47:38 +0000 Subject: [PATCH] Check access rights before renaming or deleting files (based on patches by Uwe Bonnes and Dmitry Timoshkov). --- dlls/kernel/tests/file.c | 11 +++++------ files/file.c | 26 ++++++++++++++++++++++++++ 2 files changed, 31 insertions(+), 6 deletions(-) diff --git a/dlls/kernel/tests/file.c b/dlls/kernel/tests/file.c index 5ec3dd245ba..8fb2194e286 100644 --- a/dlls/kernel/tests/file.c +++ b/dlls/kernel/tests/file.c @@ -49,6 +49,8 @@ static void test__hread( void ) long bytes_wanted; UINT i; + SetFileAttributesA(filename,FILE_ATTRIBUTE_NORMAL); /* be sure to remove stale files */ + DeleteFileA( filename ); filehandle = _lcreat( filename, 0 ); if (filehandle == HFILE_ERROR) { @@ -224,14 +226,11 @@ static void test__lcreat( void ) ok( INVALID_HANDLE_VALUE != FindFirstFileA( filename, &search_results ), "should be able to find file" ); - todo_wine - { - ok( 0 == DeleteFileA( filename ), "shouldn't be able to delete a readonly file" ); + ok( 0 == DeleteFileA( filename ), "shouldn't be able to delete a readonly file" ); - ok( SetFileAttributesA(filename, FILE_ATTRIBUTE_NORMAL ) != 0, "couldn't change attributes on file" ); + ok( SetFileAttributesA(filename, FILE_ATTRIBUTE_NORMAL ) != 0, "couldn't change attributes on file" ); - ok( DeleteFileA( filename ) != 0, "now it should be possible to delete the file!" ); - } + ok( DeleteFileA( filename ) != 0, "now it should be possible to delete the file!" ); filehandle = _lcreat( filename, 2 ); ok( HFILE_ERROR != filehandle, "couldn't create file \"%s\" (err=%d)", filename, GetLastError( ) ); diff --git a/files/file.c b/files/file.c index 214fceadd8a..b1a596127b8 100644 --- a/files/file.c +++ b/files/file.c @@ -2149,6 +2149,7 @@ BOOL16 WINAPI DeleteFile16( LPCSTR path ) BOOL WINAPI DeleteFileA( LPCSTR path ) { DOS_FULL_NAME full_name; + HANDLE hFile; if (!path) { @@ -2170,11 +2171,20 @@ BOOL WINAPI DeleteFileA( LPCSTR path ) } if (!DOSFS_GetFullName( path, TRUE, &full_name )) return FALSE; + + /* check if we are allowed to delete the source */ + hFile = FILE_CreateFile( full_name.long_name, GENERIC_READ|GENERIC_WRITE, 0, + NULL, OPEN_EXISTING, 0, 0, TRUE, + GetDriveTypeA( full_name.short_name ) ); + if (!hFile) return FALSE; + if (unlink( full_name.long_name ) == -1) { FILE_SetDosError(); + CloseHandle(hFile); return FALSE; } + CloseHandle(hFile); return TRUE; } @@ -2317,6 +2327,7 @@ static BOOL FILE_AddBootRenameEntry( const char *fn1, const char *fn2, DWORD fla BOOL WINAPI MoveFileExA( LPCSTR fn1, LPCSTR fn2, DWORD flag ) { DOS_FULL_NAME full_name1, full_name2; + HANDLE hFile; TRACE("(%s,%s,%04lx)\n", fn1, fn2, flag); @@ -2385,6 +2396,21 @@ BOOL WINAPI MoveFileExA( LPCSTR fn1, LPCSTR fn2, DWORD flag ) return FILE_AddBootRenameEntry( fn1, fn2, flag ); } + /* check if we are allowed to delete the source */ + hFile = FILE_CreateFile( full_name1.long_name, GENERIC_READ|GENERIC_WRITE, 0, + NULL, OPEN_EXISTING, 0, 0, TRUE, + GetDriveTypeA( full_name1.short_name ) ); + if (!hFile) return FALSE; + CloseHandle(hFile); + + /* check, if we are allowed to delete the destination, + ** (but the file not being there is fine) */ + hFile = FILE_CreateFile( full_name2.long_name, GENERIC_READ|GENERIC_WRITE, 0, + NULL, OPEN_EXISTING, 0, 0, TRUE, + GetDriveTypeA( full_name2.short_name ) ); + if(!hFile && GetLastError() != ERROR_FILE_NOT_FOUND) return FALSE; + CloseHandle(hFile); + if (full_name1.drive != full_name2.drive) { /* use copy, if allowed */ -- 2.11.4.GIT