Commit f457829e authored by Maria Fava's avatar Maria Fava
Browse files

added canonical plus test for illegal path

parent 911e89e8
......@@ -95,13 +95,24 @@ void ADDHCmd::commandReceived(ntof::dim::DIMCmd &cmdData)
bool ADDHCmd::isValidPath(const std::string &filePath,
const std::string &filePathPrefix)
{
bfs::path absPath = filePath;
if (filePath[0] != '/')
{
// filePath is relative, convert to filePathPrefix/filePath form
std::string path = filePathPrefix + "/" + filePath;
return (path.compare(0, filePathPrefix.length(), filePathPrefix) == 0);
absPath = path;
try
{
absPath = bfs::canonical(absPath).string();
}
catch (std::exception const &e)
{
// No such file or directory
return false;
}
}
return (filePath.compare(0, filePathPrefix.length(), filePathPrefix) == 0);
return (absPath.string().compare(0, filePathPrefix.length(),
filePathPrefix) == 0);
}
} // namespace addh
......
......@@ -107,6 +107,11 @@ public:
addhCmd_->isValidPath(non_existent_path.string(),
m_correct_prefix_dir.string()));
// illegal path
EQ(false,
addhCmd_->isValidPath("/tmp/../etc/correct_path",
m_correct_prefix_dir.string()));
delete addhCmd_;
}
};
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment