summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--internal/ctlsock/sanitize.go18
-rw-r--r--internal/ctlsock/sanitize_test.go4
2 files changed, 18 insertions, 4 deletions
diff --git a/internal/ctlsock/sanitize.go b/internal/ctlsock/sanitize.go
index 5bc3706..22a8a1c 100644
--- a/internal/ctlsock/sanitize.go
+++ b/internal/ctlsock/sanitize.go
@@ -2,19 +2,29 @@ package ctlsock
import (
"path/filepath"
+ "strings"
)
// SanitizePath adapts filepath.Clean for FUSE paths.
-// 1) It always returns a relative path
+// 1) A leading slash is dropped
// 2) It returns "" instead of "."
+// 3) If the cleaned path points above CWD (start with ".."), an empty string
+// is returned
// See the TestSanitizePath testcases for examples.
func SanitizePath(path string) string {
+ if len(path) == 0 {
+ return ""
+ }
+ // Drop leading slash
+ if path[0] == '/' {
+ path = path[1:]
+ }
clean := filepath.Clean(path)
- if clean == "." || clean == "/" {
+ if clean == "." {
return ""
}
- if clean[0] == '/' {
- clean = clean[1:]
+ if clean == ".." || strings.HasPrefix(clean, "../") {
+ return ""
}
return clean
}
diff --git a/internal/ctlsock/sanitize_test.go b/internal/ctlsock/sanitize_test.go
index dfcb62c..bfdf0a7 100644
--- a/internal/ctlsock/sanitize_test.go
+++ b/internal/ctlsock/sanitize_test.go
@@ -15,6 +15,10 @@ func TestSanitizePath(t *testing.T) {
{"/foo/", "foo"},
{"/foo/./foo", "foo/foo"},
{"./", ""},
+ {"..", ""},
+ {"foo/../..", ""},
+ {"foo/../../aaaaaa", ""},
+ {"/foo/../../aaaaaa", ""},
}
for _, tc := range testCases {
res := SanitizePath(tc[0])