Merge lp:~mterry/snappy/allow-more-dots into lp:~snappy-dev/snappy/snappy-moved-to-github

Proposed by Michael Terry on 2015-05-14
Status: Merged
Approved by: John Lenton on 2015-05-15
Approved revision: 458
Merged at revision: 457
Proposed branch: lp:~mterry/snappy/allow-more-dots
Merge into: lp:~snappy-dev/snappy/snappy-moved-to-github
Diff against target: 41 lines (+14/-1)
2 files modified
clickdeb/deb.go (+3/-1)
clickdeb/deb_test.go (+11/-0)
To merge this branch: bzr merge lp:~mterry/snappy/allow-more-dots
Reviewer Review Type Date Requested Status
John Lenton 2015-05-14 Approve on 2015-05-14
Review via email: mp+259181@code.launchpad.net

Commit Message

Allow ".." in file paths as long as it isn't an entire element. (i.e. allow "hello..you" or "...")

We call filepath.Clean right before our ".." check. So the only instances of ".." will be in the first element. That lets us simplify the check a lot.

Description of the Change

Allow ".." in file paths as long as it isn't an entire element. (i.e. allow "hello..you" or "...")

We call filepath.Clean right before our ".." check. So the only instances of ".." will be in the first element. That lets us simplify the check a lot.

To post a comment you must log in.
John Lenton (chipaca) wrote :

Nice, thank you for this!

One small comment (inline).

review: Approve
lp:~mterry/snappy/allow-more-dots updated on 2015-05-15
458. By Michael Terry on 2015-05-15

Add comment

Michael Terry (mterry) wrote :

Added comment!

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'clickdeb/deb.go'
2--- clickdeb/deb.go 2015-05-07 07:46:32 +0000
3+++ clickdeb/deb.go 2015-05-15 12:41:20 +0000
4@@ -95,7 +95,9 @@
5 // - no relative path allowed to prevent writing outside of the parent dir
6 func clickVerifyContentFn(path string) (string, error) {
7 path = filepath.Clean(path)
8- if strings.Contains(path, "..") {
9+ // Clean() will remove any internal ".." elements, except if it's a relative
10+ // path and the ".." element is the first one. So let's check for that:
11+ if path == ".." || strings.HasPrefix(path, "../") {
12 return "", ErrSnapInvalidContent
13 }
14
15
16=== modified file 'clickdeb/deb_test.go'
17--- clickdeb/deb_test.go 2015-05-07 07:46:32 +0000
18+++ clickdeb/deb_test.go 2015-05-15 12:41:20 +0000
19@@ -153,11 +153,22 @@
20 c.Assert(newPath, Equals, "foo/baz")
21 }
22
23+func (s *ClickDebTestSuite) TestClickVerifyContentFnThreeDotsOk(c *C) {
24+ newPath, err := clickVerifyContentFn(".../foo")
25+ c.Assert(err, IsNil)
26+ c.Assert(newPath, Equals, ".../foo")
27+}
28+
29 func (s *ClickDebTestSuite) TestClickVerifyContentFnNotOk(c *C) {
30 _, err := clickVerifyContentFn("./foo/../../baz")
31 c.Assert(err, Equals, ErrSnapInvalidContent)
32 }
33
34+func (s *ClickDebTestSuite) TestClickVerifyContentFnJustTwoDotsNotOk(c *C) {
35+ _, err := clickVerifyContentFn("..")
36+ c.Assert(err, Equals, ErrSnapInvalidContent)
37+}
38+
39 func (s *ClickDebTestSuite) TestTarCreate(c *C) {
40 // setup
41 builddir := c.MkDir()

Subscribers

People subscribed via source and target branches