diff options
author | Daniel Gultsch <daniel@gultsch.de> | 2016-04-07 20:29:40 +0200 |
---|---|---|
committer | Daniel Gultsch <daniel@gultsch.de> | 2016-04-07 20:29:40 +0200 |
commit | 0460702710fd46cac0850224f34a275ceb8e2c1f (patch) | |
tree | 561776fae8ca69b81adb3c630fdd52178e2d5018 /src/main/java/eu/siacs/conversations/persistance | |
parent | 290f0a123e117ce8e31ef3f9a2d1e896fb4c1ab9 (diff) |
check file owner when attaching files or using them as avatar
Diffstat (limited to 'src/main/java/eu/siacs/conversations/persistance')
-rw-r--r-- | src/main/java/eu/siacs/conversations/persistance/FileBackend.java | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/src/main/java/eu/siacs/conversations/persistance/FileBackend.java b/src/main/java/eu/siacs/conversations/persistance/FileBackend.java index 21ba4509..69b81569 100644 --- a/src/main/java/eu/siacs/conversations/persistance/FileBackend.java +++ b/src/main/java/eu/siacs/conversations/persistance/FileBackend.java @@ -1,5 +1,7 @@ package eu.siacs.conversations.persistance; +import android.annotation.TargetApi; +import android.content.ContentResolver; import android.content.Context; import android.content.Intent; import android.database.Cursor; @@ -9,8 +11,13 @@ import android.graphics.Canvas; import android.graphics.Matrix; import android.graphics.RectF; import android.net.Uri; +import android.os.Build; import android.os.Environment; +import android.os.ParcelFileDescriptor; import android.provider.OpenableColumns; +import android.system.ErrnoException; +import android.system.Os; +import android.system.StructStat; import android.util.Base64; import android.util.Base64OutputStream; import android.util.Log; @@ -19,6 +26,7 @@ import android.webkit.MimeTypeMap; import java.io.ByteArrayOutputStream; import java.io.Closeable; import java.io.File; +import java.io.FileDescriptor; import java.io.FileNotFoundException; import java.io.FileOutputStream; import java.io.IOException; @@ -646,4 +654,29 @@ public class FileBackend { } } } + + + public static boolean weOwnFile(Uri uri) { + if (Build.VERSION.SDK_INT < Build.VERSION_CODES.LOLLIPOP) { + return false; + } else { + return uri != null + && ContentResolver.SCHEME_FILE.equals(uri.getScheme()) + && weOwnFileLollipop(uri); + } + } + + @TargetApi(Build.VERSION_CODES.LOLLIPOP) + private static boolean weOwnFileLollipop(Uri uri) { + try { + File file = new File(uri.getPath()); + FileDescriptor fd = ParcelFileDescriptor.open(file, ParcelFileDescriptor.MODE_READ_ONLY).getFileDescriptor(); + StructStat st = Os.fstat(fd); + return st.st_uid == android.os.Process.myUid(); + } catch (ErrnoException e) { + return true; + } catch (FileNotFoundException e) { + return false; + } + } } |