fix: consider case sensitiveness differences

Author: ldematte

libs/entitlement/src/main/java/org/elasticsearch/entitlement/runtime/policy/FileAccessTree.java

@@ -94,7 +94,7 @@ static void validateExclusivePaths(List<ExclusivePath> exclusivePaths) {
             ExclusivePath currentExclusivePath = exclusivePaths.get(0);
             for (int i = 1; i < exclusivePaths.size(); ++i) {
                 ExclusivePath nextPath = exclusivePaths.get(i);
-                if (currentExclusivePath.path().equals(nextPath.path) || isParent(currentExclusivePath.path(), nextPath.path())) {
+                if (FileUtils.samePath(currentExclusivePath.path(), nextPath.path) || FileUtils.isParent(currentExclusivePath.path(), nextPath.path())) {
                     throw new IllegalArgumentException(
                         "duplicate/overlapping exclusive paths found in files entitlements: " + currentExclusivePath + " and " + nextPath
                     );
@@ -194,7 +194,7 @@ static List<String> pruneSortedPaths(List<String> paths) {
             prunedReadPaths.add(currentPath);
             for (int i = 1; i < paths.size(); ++i) {
                 String nextPath = paths.get(i);
-                if (currentPath.equals(nextPath) == false && isParent(currentPath, nextPath) == false) {
+                if (FileUtils.samePath(currentPath, nextPath) == false && FileUtils.isParent(currentPath, nextPath) == false) {
                     prunedReadPaths.add(nextPath);
                     currentPath = nextPath;
                 }
@@ -203,7 +203,7 @@ static List<String> pruneSortedPaths(List<String> paths) {
         return prunedReadPaths;
     }
 
-    public static FileAccessTree of(
+    static FileAccessTree of(
         String componentName,
         String moduleName,
         FilesEntitlement filesEntitlement,
@@ -243,22 +243,17 @@ private boolean checkPath(String path, String[] paths) {
         }
 
         int endx = Arrays.binarySearch(exclusivePaths, path, PATH_ORDER);
-        if (endx < -1 && isParent(exclusivePaths[-endx - 2], path) || endx >= 0) {
+        if (endx < -1 && FileUtils.isParent(exclusivePaths[-endx - 2], path) || endx >= 0) {
             return false;
         }
 
         int ndx = Arrays.binarySearch(paths, path, PATH_ORDER);
         if (ndx < -1) {
-            return isParent(paths[-ndx - 2], path);
+            return FileUtils.isParent(paths[-ndx - 2], path);
         }
         return ndx >= 0;
     }
 
-    private static boolean isParent(String maybeParent, String path) {
-        logger.trace(() -> Strings.format("checking isParent [%s] for [%s]", maybeParent, path));
-        return path.startsWith(maybeParent) && path.startsWith(FILE_SEPARATOR, maybeParent.length());
-    }
-
     @Override
     public boolean equals(Object o) {
         if (o == null || getClass() != o.getClass()) return false;

libs/entitlement/src/main/java/org/elasticsearch/entitlement/runtime/policy/FileUtils.java

@@ -9,17 +9,39 @@
 
 package org.elasticsearch.entitlement.runtime.policy;
 
+import org.elasticsearch.core.Strings;
 import org.elasticsearch.core.SuppressForbidden;
+import org.elasticsearch.logging.LogManager;
+import org.elasticsearch.logging.Logger;
 
 import java.io.File;
 import java.util.Comparator;
+import java.util.function.BiPredicate;
 
 import static java.lang.Character.isLetter;
 
 public class FileUtils {
 
+    private static final Logger logger = LogManager.getLogger(FileUtils.class);
+
     private FileUtils() {}
 
+    interface CharComparator {
+        int compare(char c1, char c2);
+    }
+
+    private static final CharComparator CHARACTER_COMPARATOR = Platform.WINDOWS.isCurrent()
+        ? FileUtils::caseInsensitiveCharacterComparator
+        : FileUtils::caseSensitiveCharacterComparator;
+
+    private static final BiPredicate<String, String> STARTS_WITH = Platform.WINDOWS.isCurrent()
+        ? FileUtils::caseInsensitiveStartsWith
+        : String::startsWith;
+
+    private static final BiPredicate<String, String> EQUALS = Platform.WINDOWS.isCurrent()
+        ? String::equalsIgnoreCase
+        : String::equals;
+
     /**
      * For our lexicographic sort trick to work correctly, we must have path separators sort before
      * any other character so that files in a directory appear immediately after that directory.
@@ -32,7 +54,8 @@ private FileUtils() {}
         for (int k = 0; k < lim; k++) {
             char c1 = s1.charAt(k);
             char c2 = s2.charAt(k);
-            if (c1 == c2) {
+            var comp = CHARACTER_COMPARATOR.compare(c1, c2);
+            if (comp == 0) {
                 continue;
             }
             boolean c1IsSeparator = isPathSeparator(c1);
@@ -44,17 +67,50 @@ private FileUtils() {}
                 if (c2IsSeparator) {
                     return 1;
                 }
-                return c1 - c2;
+                return comp;
             }
         }
         return len1 - len2;
     };
 
+    /**
+     * Case-insensitive character comparison. Inspired by the {@code WindowsPath#compareTo} implementation.
+     */
+    private static int caseInsensitiveCharacterComparator(char c1, char c2) {
+        if (c1 == c2) {
+            return 0;
+        }
+        c1 = Character.toUpperCase(c1);
+        c2 = Character.toUpperCase(c2);
+        if (c1 == c2) {
+            return 0;
+        }
+        return c1 - c2;
+    }
+
+    private static int caseSensitiveCharacterComparator(char c1, char c2) {
+        return c1 - c2;
+    }
+
+    private static boolean caseInsensitiveStartsWith(String s, String prefix) {
+        return s.regionMatches(true, 0, prefix, 0, prefix.length());
+    }
+
     @SuppressForbidden(reason = "we need the separator as a char, not a string")
     private static boolean isPathSeparator(char c) {
         return c == File.separatorChar;
     }
 
+    static boolean isParent(String maybeParent, String path) {
+        logger.trace(() -> Strings.format("checking isParent [%s] for [%s]", maybeParent, path));
+        return STARTS_WITH.test(path, maybeParent) &&
+            (path.length() > maybeParent.length() && path.charAt(maybeParent.length()) == File.separatorChar);
+    }
+
+    static boolean samePath(String currentPath, String nextPath) {
+        return EQUALS.test(currentPath, nextPath);
+    }
+
     /**
      * Tests if a path is absolute or relative, taking into consideration both Unix and Windows conventions.
      * Note that this leads to a conflict, resolved in favor of Unix rules: `/foo` can be either a Unix absolute path, or a Windows

libs/entitlement/src/test/java/org/elasticsearch/entitlement/runtime/policy/FileAccessTreeTests.java

@@ -363,6 +363,16 @@ public void testDuplicatePrunedPaths() {
         assertEquals(expected, actual);
     }
 
+    public void testDuplicatePrunedPathsWindows() {
+        assumeTrue("Specific to windows for paths with mixed casing", WINDOWS.isCurrent());
+
+        List<String> inputPaths = List.of("/a", "/A", "/a/b", "/a/B", "/b/c", "b/c/d", "B/c/d", "b/c/D", "e/f", "e/f");
+        List<String> outputPaths = List.of("/a", "/b/c", "b/c/d", "e/f");
+        var actual = FileAccessTree.pruneSortedPaths(inputPaths.stream().map(p -> normalizePath(path(p))).toList());
+        var expected = outputPaths.stream().map(p -> normalizePath(path(p))).toList();
+        assertEquals(expected, actual);
+    }
+
     public void testDuplicateExclusivePaths() {
         // Bunch o' handy definitions
         var pathAB = path("/a/b");
@@ -457,6 +467,37 @@ public void testWindowsAbsolutPathAccess() {
         assertThat(fileAccessTree.canWrite(Path.of("D:\\foo")), is(false));
     }
 
+    public void testWindowsMixedCaseAccess() {
+        assumeTrue("Specific to windows for paths with mixed casing", WINDOWS.isCurrent());
+
+        var fileAccessTree = FileAccessTree.of(
+            "test",
+            "test",
+            new FilesEntitlement(
+                List.of(
+                    FileData.ofPath(Path.of("\\\\.\\pipe\\"), READ),
+                    FileData.ofPath(Path.of("D:\\.gradle"), READ),
+                    FileData.ofPath(Path.of("D:\\foo"), READ),
+                    FileData.ofPath(Path.of("C:\\foo"), FilesEntitlement.Mode.READ_WRITE)
+                )
+            ),
+            TEST_PATH_LOOKUP,
+            null,
+            List.of()
+        );
+
+        assertThat(fileAccessTree.canRead(Path.of("\\\\.\\PIPE\\bar")), is(true));
+        assertThat(fileAccessTree.canRead(Path.of("c:\\foo")), is(true));
+        assertThat(fileAccessTree.canRead(Path.of("C:\\FOO")), is(true));
+        assertThat(fileAccessTree.canWrite(Path.of("C:\\foo")), is(true));
+        assertThat(fileAccessTree.canRead(Path.of("c:\\foo")), is(true));
+        assertThat(fileAccessTree.canRead(Path.of("C:\\FOO")), is(true));
+        assertThat(fileAccessTree.canRead(Path.of("d:\\foo")), is(true));
+        assertThat(fileAccessTree.canRead(Path.of("d:\\FOO")), is(true));
+        assertThat(fileAccessTree.canWrite(Path.of("D:\\foo")), is(false));
+        assertThat(fileAccessTree.canWrite(Path.of("d:\\foo")), is(false));
+    }
+
     FileAccessTree accessTree(FilesEntitlement entitlement, List<ExclusivePath> exclusivePaths) {
         return FileAccessTree.of("test-component", "test-module", entitlement, TEST_PATH_LOOKUP, null, exclusivePaths);
     }