aboutsummaryrefslogtreecommitdiff
path: root/internal/ctlsock/sanitize.go
diff options
context:
space:
mode:
Diffstat (limited to 'internal/ctlsock/sanitize.go')
-rw-r--r--internal/ctlsock/sanitize.go18
1 files changed, 14 insertions, 4 deletions
diff --git a/internal/ctlsock/sanitize.go b/internal/ctlsock/sanitize.go
index 5bc3706..22a8a1c 100644
--- a/internal/ctlsock/sanitize.go
+++ b/internal/ctlsock/sanitize.go
@@ -2,19 +2,29 @@ package ctlsock
import (
"path/filepath"
+ "strings"
)
// SanitizePath adapts filepath.Clean for FUSE paths.
-// 1) It always returns a relative path
+// 1) A leading slash is dropped
// 2) It returns "" instead of "."
+// 3) If the cleaned path points above CWD (start with ".."), an empty string
+// is returned
// See the TestSanitizePath testcases for examples.
func SanitizePath(path string) string {
+ if len(path) == 0 {
+ return ""
+ }
+ // Drop leading slash
+ if path[0] == '/' {
+ path = path[1:]
+ }
clean := filepath.Clean(path)
- if clean == "." || clean == "/" {
+ if clean == "." {
return ""
}
- if clean[0] == '/' {
- clean = clean[1:]
+ if clean == ".." || strings.HasPrefix(clean, "../") {
+ return ""
}
return clean
}