57d088517c
* feat: add support for validating asar archives on macOS * chore: fix lint * chore: update as per feedback * feat: switch implementation to asar integrity hash checks * feat: make ranged requests work with the asar file validator DataSourceFilter * chore: fix lint * chore: fix missing log include on non-darwin * fix: do not pull block size out of missing optional * fix: match ValidateOrDie symbol on non-darwin * chore: fix up asar specs by repacking archives * fix: maintain integrity chain, do not load file integrity if header integrity was not loaded * debug test * Update node-spec.ts * fix: initialize header_validated_ * chore: update PR per feedback * chore: update per feedback * build: use final asar module * Update fuses.json5
169 lines
5.9 KiB
C++
169 lines
5.9 KiB
C++
// Copyright (c) 2014 GitHub, Inc.
|
|
// Use of this source code is governed by the MIT license that can be
|
|
// found in the LICENSE file.
|
|
|
|
#include <vector>
|
|
|
|
#include "gin/handle.h"
|
|
#include "gin/object_template_builder.h"
|
|
#include "gin/wrappable.h"
|
|
#include "shell/common/asar/archive.h"
|
|
#include "shell/common/asar/asar_util.h"
|
|
#include "shell/common/gin_converters/callback_converter.h"
|
|
#include "shell/common/gin_converters/file_path_converter.h"
|
|
#include "shell/common/gin_helper/dictionary.h"
|
|
#include "shell/common/node_includes.h"
|
|
#include "shell/common/node_util.h"
|
|
|
|
namespace {
|
|
|
|
class Archive : public gin::Wrappable<Archive> {
|
|
public:
|
|
static gin::Handle<Archive> Create(v8::Isolate* isolate,
|
|
const base::FilePath& path) {
|
|
auto archive = std::make_unique<asar::Archive>(path);
|
|
if (!archive->Init())
|
|
return gin::Handle<Archive>();
|
|
return gin::CreateHandle(isolate, new Archive(isolate, std::move(archive)));
|
|
}
|
|
|
|
// gin::Wrappable
|
|
static gin::WrapperInfo kWrapperInfo;
|
|
gin::ObjectTemplateBuilder GetObjectTemplateBuilder(
|
|
v8::Isolate* isolate) override {
|
|
return gin::ObjectTemplateBuilder(isolate)
|
|
.SetMethod("getFileInfo", &Archive::GetFileInfo)
|
|
.SetMethod("stat", &Archive::Stat)
|
|
.SetMethod("readdir", &Archive::Readdir)
|
|
.SetMethod("realpath", &Archive::Realpath)
|
|
.SetMethod("copyFileOut", &Archive::CopyFileOut)
|
|
.SetMethod("getFdAndValidateIntegrityLater", &Archive::GetFD);
|
|
}
|
|
|
|
const char* GetTypeName() override { return "Archive"; }
|
|
|
|
protected:
|
|
Archive(v8::Isolate* isolate, std::unique_ptr<asar::Archive> archive)
|
|
: archive_(std::move(archive)) {}
|
|
|
|
// Reads the offset and size of file.
|
|
v8::Local<v8::Value> GetFileInfo(v8::Isolate* isolate,
|
|
const base::FilePath& path) {
|
|
asar::Archive::FileInfo info;
|
|
if (!archive_ || !archive_->GetFileInfo(path, &info))
|
|
return v8::False(isolate);
|
|
gin_helper::Dictionary dict(isolate, v8::Object::New(isolate));
|
|
dict.Set("size", info.size);
|
|
dict.Set("unpacked", info.unpacked);
|
|
dict.Set("offset", info.offset);
|
|
if (info.integrity.has_value()) {
|
|
gin_helper::Dictionary integrity(isolate, v8::Object::New(isolate));
|
|
asar::HashAlgorithm algorithm = info.integrity.value().algorithm;
|
|
switch (algorithm) {
|
|
case asar::HashAlgorithm::SHA256:
|
|
integrity.Set("algorithm", "SHA256");
|
|
break;
|
|
case asar::HashAlgorithm::NONE:
|
|
CHECK(false);
|
|
break;
|
|
}
|
|
integrity.Set("hash", info.integrity.value().hash);
|
|
dict.Set("integrity", integrity);
|
|
}
|
|
return dict.GetHandle();
|
|
}
|
|
|
|
// Returns a fake result of fs.stat(path).
|
|
v8::Local<v8::Value> Stat(v8::Isolate* isolate, const base::FilePath& path) {
|
|
asar::Archive::Stats stats;
|
|
if (!archive_ || !archive_->Stat(path, &stats))
|
|
return v8::False(isolate);
|
|
gin_helper::Dictionary dict(isolate, v8::Object::New(isolate));
|
|
dict.Set("size", stats.size);
|
|
dict.Set("offset", stats.offset);
|
|
dict.Set("isFile", stats.is_file);
|
|
dict.Set("isDirectory", stats.is_directory);
|
|
dict.Set("isLink", stats.is_link);
|
|
return dict.GetHandle();
|
|
}
|
|
|
|
// Returns all files under a directory.
|
|
v8::Local<v8::Value> Readdir(v8::Isolate* isolate,
|
|
const base::FilePath& path) {
|
|
std::vector<base::FilePath> files;
|
|
if (!archive_ || !archive_->Readdir(path, &files))
|
|
return v8::False(isolate);
|
|
return gin::ConvertToV8(isolate, files);
|
|
}
|
|
|
|
// Returns the path of file with symbol link resolved.
|
|
v8::Local<v8::Value> Realpath(v8::Isolate* isolate,
|
|
const base::FilePath& path) {
|
|
base::FilePath realpath;
|
|
if (!archive_ || !archive_->Realpath(path, &realpath))
|
|
return v8::False(isolate);
|
|
return gin::ConvertToV8(isolate, realpath);
|
|
}
|
|
|
|
// Copy the file out into a temporary file and returns the new path.
|
|
v8::Local<v8::Value> CopyFileOut(v8::Isolate* isolate,
|
|
const base::FilePath& path) {
|
|
base::FilePath new_path;
|
|
if (!archive_ || !archive_->CopyFileOut(path, &new_path))
|
|
return v8::False(isolate);
|
|
return gin::ConvertToV8(isolate, new_path);
|
|
}
|
|
|
|
// Return the file descriptor.
|
|
int GetFD() const {
|
|
if (!archive_)
|
|
return -1;
|
|
return archive_->GetUnsafeFD();
|
|
}
|
|
|
|
private:
|
|
std::unique_ptr<asar::Archive> archive_;
|
|
|
|
DISALLOW_COPY_AND_ASSIGN(Archive);
|
|
};
|
|
|
|
// static
|
|
gin::WrapperInfo Archive::kWrapperInfo = {gin::kEmbedderNativeGin};
|
|
|
|
void InitAsarSupport(v8::Isolate* isolate, v8::Local<v8::Value> require) {
|
|
// Evaluate asar_bundle.js.
|
|
std::vector<v8::Local<v8::String>> asar_bundle_params = {
|
|
node::FIXED_ONE_BYTE_STRING(isolate, "require")};
|
|
std::vector<v8::Local<v8::Value>> asar_bundle_args = {require};
|
|
electron::util::CompileAndCall(
|
|
isolate->GetCurrentContext(), "electron/js2c/asar_bundle",
|
|
&asar_bundle_params, &asar_bundle_args, nullptr);
|
|
}
|
|
|
|
v8::Local<v8::Value> SplitPath(v8::Isolate* isolate,
|
|
const base::FilePath& path) {
|
|
gin_helper::Dictionary dict = gin::Dictionary::CreateEmpty(isolate);
|
|
base::FilePath asar_path, file_path;
|
|
if (asar::GetAsarArchivePath(path, &asar_path, &file_path, true)) {
|
|
dict.Set("isAsar", true);
|
|
dict.Set("asarPath", asar_path);
|
|
dict.Set("filePath", file_path);
|
|
} else {
|
|
dict.Set("isAsar", false);
|
|
}
|
|
return dict.GetHandle();
|
|
}
|
|
|
|
void Initialize(v8::Local<v8::Object> exports,
|
|
v8::Local<v8::Value> unused,
|
|
v8::Local<v8::Context> context,
|
|
void* priv) {
|
|
gin_helper::Dictionary dict(context->GetIsolate(), exports);
|
|
dict.SetMethod("createArchive", &Archive::Create);
|
|
dict.SetMethod("splitPath", &SplitPath);
|
|
dict.SetMethod("initAsarSupport", &InitAsarSupport);
|
|
}
|
|
|
|
} // namespace
|
|
|
|
NODE_LINKED_MODULE_CONTEXT_AWARE(electron_common_asar, Initialize)
|