Commit 31706c9b authored by Maria Fava's avatar Maria Fava
Browse files

applied modifications plus added extra testing for illegal path

parent 05581f36
Pipeline #1561354 failed with stage
in 2 minutes and 14 seconds
......@@ -99,17 +99,16 @@ bool ADDHCmd::isValidPath(const std::string &filePath,
if (filePath[0] != '/')
{
// filePath is relative, convert to filePathPrefix/filePath form
std::string path = filePathPrefix + "/" + filePath;
absPath = path;
try
{
absPath = bfs::canonical(absPath).string();
}
catch (std::exception const &e)
{
// No such file or directory
return false;
}
absPath = filePathPrefix + "/" + filePath;
}
try
{
absPath = bfs::canonical(absPath).string();
}
catch (std::exception const &e)
{
// No such file or directory
return false;
}
return (absPath.string().compare(0, filePathPrefix.length(),
filePathPrefix) == 0);
......
......@@ -107,11 +107,15 @@ public:
addhCmd_->isValidPath(non_existent_path.string(),
m_correct_prefix_dir.string()));
// illegal path
// illegal paths
EQ(false,
addhCmd_->isValidPath("/tmp/../etc/correct_path",
m_correct_prefix_dir.string()));
EQ(false,
addhCmd_->isValidPath(correct_prefixed_path.string() + "/../..",
m_correct_prefix_dir.string()));
delete addhCmd_;
}
};
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment