Diffstat (limited to 'internal')
| -rw-r--r-- | internal/ctlsock/sanitize.go | 18 | ||||
| -rw-r--r-- | internal/ctlsock/sanitize_test.go | 4 | 
2 files changed, 18 insertions, 4 deletions
|
diff --git a/internal/ctlsock/sanitize.go b/internal/ctlsock/sanitize.go
index 5bc3706..22a8a1c 100644
--- a/internal/ctlsock/sanitize.go
+++ b/internal/ctlsock/sanitize.go
@@ -2,19 +2,29 @@ package ctlsock

 import (
 	"path/filepath"
+	"strings"
 )

 // SanitizePath adapts filepath.Clean for FUSE paths.
-// 1) It always returns a relative path
+// 1) A leading slash is dropped
 // 2) It returns "" instead of "."
+// 3) If the cleaned path points above CWD (start with ".."), an empty string
+//    is returned
 // See the TestSanitizePath testcases for examples.
 func SanitizePath(path string) string {
+	if len(path) == 0 {
+		return ""
+	}
+	// Drop leading slash
+	if path[0] == '/' {
+		path = path[1:]
+	}
 	clean := filepath.Clean(path)
-	if clean == "." || clean == "/" {
+	if clean == "." {
 		return ""
 	}
-	if clean[0] == '/' {
-		clean = clean[1:]
+	if clean == ".." || strings.HasPrefix(clean, "../") {
+		return ""
 	}
 	return clean
 }
diff --git a/internal/ctlsock/sanitize_test.go b/internal/ctlsock/sanitize_test.go
index dfcb62c..bfdf0a7 100644
--- a/internal/ctlsock/sanitize_test.go
+++ b/internal/ctlsock/sanitize_test.go
@@ -15,6 +15,10 @@ func TestSanitizePath(t *testing.T) {
 		{"/foo/", "foo"},
 		{"/foo/./foo", "foo/foo"},
 		{"./", ""},
+		{"..", ""},
+		{"foo/../..", ""},
+		{"foo/../../aaaaaa", ""},
+		{"/foo/../../aaaaaa", ""},
 	}
 	for _, tc := range testCases {
 		res := SanitizePath(tc[0])
|
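Review bot: The new `if path[0] == '/'` block in SanitizePath drops only one leading slash, so an input such as `//foo` reaches filepath.Clean as `/foo` and is returned still rooted. The removed code stripped the slash after cleaning, so repeated slashes had already been collapsed and the result was always relative. Trimming every leading slash restores that guarantee: replace the block with `path = strings.TrimLeft(path, "/")`, which also makes the `len(path) == 0` guard unnecessary because filepath.Clean("") yields "." and the next check returns "". Callers of this control-socket helper presumably join the result onto a base directory, so a rooted return value is worth ruling out alongside the new `..` rejection.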
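Review bot: The added TestSanitizePath cases pin the `..` rejection but leave two of its boundaries unpinned. Nothing checks that a name which merely begins with two dots is kept, and nothing covers input with repeated leading slashes. Adding `{"..foo", "..foo"}` would guard the `strings.HasPrefix(clean, "../")` test against being loosened to a bare `".."` prefix later. Adding `{"//foo", "foo"}` would document the expected relative result for multi-slash input, though the current SanitizePath would fail that case. The test function starts and ends outside this hunk.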
