ctlsock: interpret paths that point above CWD as ""

Paths that start with ".." were previously accepted as-is.
author: Jakob Unterwurzacher 2017-01-29 15:24:47 +0100
committer: Jakob Unterwurzacher 2017-01-29 15:24:47 +0100
commit: 532ef15417072cf6c6bd6576d78588f96800fa43 (patch)
tree: f9b2b01588baa173cbee723b01dd2456905f2756 /internal/ctlsock/sanitize.go
parent: 6166dad05c1bf505f1c0fca1fbe8bf6a27d02db9 (diff)
1 files changed, 14 insertions, 4 deletions
diff --git a/internal/ctlsock/sanitize.go b/internal/ctlsock/sanitize.go
index 5bc3706..22a8a1c 100644
--- a/internal/ctlsock/sanitize.go
+++ b/internal/ctlsock/sanitize.go
@@ -2,19 +2,29 @@ package ctlsock
 
 import (
 	"path/filepath"
+	"strings"
 )
 
 // SanitizePath adapts filepath.Clean for FUSE paths.
-// 1) It always returns a relative path
+// 1) A leading slash is dropped
 // 2) It returns "" instead of "."
+// 3) If the cleaned path points above CWD (start with ".."), an empty string
+//    is returned
 // See the TestSanitizePath testcases for examples.
 func SanitizePath(path string) string {
+	if len(path) == 0 {
+		return ""
+	}
+	// Drop leading slash
+	if path[0] == '/' {
+		path = path[1:]
+	}
 	clean := filepath.Clean(path)
-	if clean == "." || clean == "/" {
+	if clean == "." {
 		return ""
 	}
-	if clean[0] == '/' {
-		clean = clean[1:]
+	if clean == ".." || strings.HasPrefix(clean, "../") {
+		return ""
 	}
 	return clean
 }
author	Jakob Unterwurzacher	2017-01-29 15:24:47 +0100
committer	Jakob Unterwurzacher	2017-01-29 15:24:47 +0100
commit	532ef15417072cf6c6bd6576d78588f96800fa43 (patch)
tree	f9b2b01588baa173cbee723b01dd2456905f2756 /internal/ctlsock/sanitize.go
parent	6166dad05c1bf505f1c0fca1fbe8bf6a27d02db9 (diff)