From 80ef53eff09886efcbe983c1db383fc5290b2048 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thomas=20M=C3=BCller?= <thomas.mueller@tmit.eu>
Date: Tue, 10 Mar 2015 13:08:22 +0100
Subject: [PATCH] verify the file name length not to exceed 255 characters +
 verify path during rename

---
 lib/private/files/storage/common.php          |  5 +++
 lib/private/files/view.php                    |  5 +++
 lib/public/files/filenametoolongexception.php | 34 +++++++++++++++++++
 tests/lib/files/pathverificationtest.php      | 10 ++++++
 4 files changed, 54 insertions(+)
 create mode 100644 lib/public/files/filenametoolongexception.php

diff --git a/lib/private/files/storage/common.php b/lib/private/files/storage/common.php
index 8549d5a1fa..031a2f1cb7 100644
--- a/lib/private/files/storage/common.php
+++ b/lib/private/files/storage/common.php
@@ -13,6 +13,7 @@ use OC\Files\Cache\Scanner;
 use OC\Files\Cache\Storage;
 use OC\Files\Filesystem;
 use OC\Files\Cache\Watcher;
+use OCP\Files\FileNameTooLongException;
 use OCP\Files\InvalidCharacterInPathException;
 use OCP\Files\InvalidPathException;
 use OCP\Files\ReservedWordException;
@@ -460,6 +461,10 @@ abstract class Common implements \OC\Files\Storage\Storage {
 	 * @inheritdoc
 	 */
 	public function verifyPath($path, $fileName) {
+		if (isset($fileName[255])) {
+			throw new FileNameTooLongException();
+		}
+
 		// NOTE: $path will remain unverified for now
 		if (\OC_Util::runningOnWindows()) {
 			$this->verifyWindowsPath($fileName);
diff --git a/lib/private/files/view.php b/lib/private/files/view.php
index 8b448abeb8..53e1339662 100644
--- a/lib/private/files/view.php
+++ b/lib/private/files/view.php
@@ -11,6 +11,7 @@ namespace OC\Files;
 
 use OC\Files\Cache\Updater;
 use OC\Files\Mount\MoveableMount;
+use OCP\Files\FileNameTooLongException;
 use OCP\Files\InvalidCharacterInPathException;
 use OCP\Files\InvalidPathException;
 use OCP\Files\ReservedWordException;
@@ -585,6 +586,8 @@ class View {
 				);
 			}
 			if ($run) {
+				$this->verifyPath(dirname($path2), basename($path2));
+
 				$mp1 = $this->getMountPoint($path1 . $postFix1);
 				$mp2 = $this->getMountPoint($path2 . $postFix2);
 				$manager = Filesystem::getMountManager();
@@ -1573,6 +1576,8 @@ class View {
 			throw new InvalidPathException($l10n->t('File name is a reserved word'));
 		} catch (InvalidCharacterInPathException $ex) {
 			throw new InvalidPathException($l10n->t('File name contains at least one invalid character'));
+		} catch (FileNameTooLongException $ex) {
+			throw new InvalidPathException($l10n->t('File name is too long'));
 		}
 	}
 }
diff --git a/lib/public/files/filenametoolongexception.php b/lib/public/files/filenametoolongexception.php
new file mode 100644
index 0000000000..02686f29e4
--- /dev/null
+++ b/lib/public/files/filenametoolongexception.php
@@ -0,0 +1,34 @@
+<?php
+/**
+ * ownCloud
+ *
+ * @author Thomas MÃ¼ller
+ * @copyright 2013 Thomas MÃ¼ller deepdiver@owncloud.com
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public
+ * License along with this library.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+/**
+ * Public interface of ownCloud for apps to use.
+ * Files/ReservedWordException class
+ */
+
+// use OCP namespace for all classes that are considered public.
+// This means that they should be used by apps instead of the internal ownCloud classes
+namespace OCP\Files;
+
+
+class FileNameTooLongException extends InvalidPathException {
+}
diff --git a/tests/lib/files/pathverificationtest.php b/tests/lib/files/pathverificationtest.php
index 1a802a48f5..5d38c6291a 100644
--- a/tests/lib/files/pathverificationtest.php
+++ b/tests/lib/files/pathverificationtest.php
@@ -22,6 +22,16 @@ class PathVerification extends \Test\TestCase {
 		$this->view = new View();
 	}
 
+	/**
+	 * @expectedException \OCP\Files\InvalidPathException
+	 * @expectedExceptionMessage File name is too long
+	 */
+	public function testPathVerificationFileNameTooLong() {
+		$fileName = str_repeat('a', 500);
+		$this->view->verifyPath('', $fileName);
+	}
+
+
 	/**
 	 * @dataProvider providesEmptyFiles
 	 * @expectedException \OCP\Files\InvalidPathException
-- 
GitLab