remove SafeFilePath
Move sanitizeFilePath call to where fromSafeFilePath had been.
This commit is contained in:
Joey Hess
parent
cabbc91b18
commit
5f5170b22b
6 changed files with 16 additions and 32 deletions
|
|
@ -25,9 +25,14 @@ import System.FilePath
|
||||||
- so no dotfiles that might control a program are inadvertently created,
|
- so no dotfiles that might control a program are inadvertently created,
|
||||||
- and to avoid filenames being treated as options to commands the user
|
- and to avoid filenames being treated as options to commands the user
|
||||||
- might run.
|
- might run.
|
||||||
|
-
|
||||||
|
- Also there's an off chance the string might be empty, so to avoid
|
||||||
|
- needing to handle such an invalid filepath, return a dummy "file" in
|
||||||
|
- that case.
|
||||||
-}
|
-}
|
||||||
sanitizeFilePath :: String -> FilePath
|
sanitizeFilePath :: String -> FilePath
|
||||||
sanitizeFilePath = leading . map sanitize
|
sanitizeFilePath [] = "file"
|
||||||
|
sanitizeFilePath f = leading (map sanitize f)
|
||||||
where
|
where
|
||||||
sanitize c
|
sanitize c
|
||||||
| c == '.' || c == '-' = c
|
| c == '.' || c == '-' = c
|
||||||
|
|
|
||||||
|
|
@ -136,13 +136,13 @@ checkUrl addunlockedmatcher r o u = do
|
||||||
go _ (Left e) = void $ commandAction $ startingAddUrl u o $ do
|
go _ (Left e) = void $ commandAction $ startingAddUrl u o $ do
|
||||||
warning (show e)
|
warning (show e)
|
||||||
next $ return False
|
next $ return False
|
||||||
go deffile (Right (UrlContents sz mf)) = do
|
go deffile (Right (UrlContents sz f)) = do
|
||||||
let f = adjustFile o (fromMaybe (maybe deffile fromSafeFilePath mf) (fileOption (downloadOptions o)))
|
let f = adjustFile o (fromMaybe (maybe deffile sanitizeFilePath mf) (fileOption (downloadOptions o)))
|
||||||
void $ commandAction $ startRemote addunlockedmatcher r o f u sz
|
void $ commandAction $ startRemote addunlockedmatcher r o f u sz
|
||||||
go deffile (Right (UrlMulti l)) = case fileOption (downloadOptions o) of
|
go deffile (Right (UrlMulti l)) = case fileOption (downloadOptions o) of
|
||||||
Nothing ->
|
Nothing ->
|
||||||
forM_ l $ \(u', sz, f) -> do
|
forM_ l $ \(u', sz, f) -> do
|
||||||
let f' = adjustFile o (deffile </> fromSafeFilePath f)
|
let f' = adjustFile o (deffile </> sanitizeFilePath f)
|
||||||
void $ commandAction $ startRemote addunlockedmatcher r o f' u' sz
|
void $ commandAction $ startRemote addunlockedmatcher r o f' u' sz
|
||||||
Just f -> case l of
|
Just f -> case l of
|
||||||
[] -> noop
|
[] -> noop
|
||||||
|
|
|
||||||
|
|
@ -190,7 +190,7 @@ performDownload addunlockedmatcher opts cache todownload = case location todownl
|
||||||
downloadRemoteFile addunlockedmatcher r (downloadOptions opts) url f sz
|
downloadRemoteFile addunlockedmatcher r (downloadOptions opts) url f sz
|
||||||
Right (UrlMulti l) -> do
|
Right (UrlMulti l) -> do
|
||||||
kl <- forM l $ \(url', sz, subf) ->
|
kl <- forM l $ \(url', sz, subf) ->
|
||||||
downloadRemoteFile addunlockedmatcher r (downloadOptions opts) url' (f </> fromSafeFilePath subf) sz
|
downloadRemoteFile addunlockedmatcher r (downloadOptions opts) url' (f </> sanitizeFilePath subf) sz
|
||||||
return $ if all isJust kl
|
return $ if all isJust kl
|
||||||
then catMaybes kl
|
then catMaybes kl
|
||||||
else []
|
else []
|
||||||
|
|
|
||||||
|
|
@ -401,8 +401,8 @@ torrentContents :: URLString -> Annex UrlContents
|
||||||
torrentContents u = convert
|
torrentContents u = convert
|
||||||
<$> (liftIO . torrentFileSizes =<< tmpTorrentFile u)
|
<$> (liftIO . torrentFileSizes =<< tmpTorrentFile u)
|
||||||
where
|
where
|
||||||
convert [(fn, sz)] = UrlContents (Just sz) (Just (mkSafeFilePath fn))
|
convert [(fn, sz)] = UrlContents (Just sz) (Just fn)
|
||||||
convert l = UrlMulti $ map mkmulti (zip l [1..])
|
convert l = UrlMulti $ map mkmulti (zip l [1..])
|
||||||
|
|
||||||
mkmulti ((fn, sz), n) =
|
mkmulti ((fn, sz), n) =
|
||||||
(torrentUrlWithNum u n, Just sz, mkSafeFilePath $ joinPath $ drop 1 $ splitPath fn)
|
(torrentUrlWithNum u n, Just sz, joinPath $ drop 1 $ splitPath fn)
|
||||||
|
|
|
||||||
|
|
@ -769,14 +769,14 @@ checkUrlM :: External -> URLString -> Annex UrlContents
|
||||||
checkUrlM external url =
|
checkUrlM external url =
|
||||||
handleRequest external (CHECKURL url) Nothing $ \req -> case req of
|
handleRequest external (CHECKURL url) Nothing $ \req -> case req of
|
||||||
CHECKURL_CONTENTS sz f -> result $ UrlContents sz $
|
CHECKURL_CONTENTS sz f -> result $ UrlContents sz $
|
||||||
if null f then Nothing else Just $ mkSafeFilePath f
|
if null f then Nothing else Just f
|
||||||
CHECKURL_MULTI l -> result $ UrlMulti $ map mkmulti l
|
CHECKURL_MULTI l -> result $ UrlMulti $ map mkmulti l
|
||||||
CHECKURL_FAILURE errmsg -> Just $ giveup $
|
CHECKURL_FAILURE errmsg -> Just $ giveup $
|
||||||
respErrorMessage "CHECKURL" errmsg
|
respErrorMessage "CHECKURL" errmsg
|
||||||
UNSUPPORTED_REQUEST -> giveup "CHECKURL not implemented by external special remote"
|
UNSUPPORTED_REQUEST -> giveup "CHECKURL not implemented by external special remote"
|
||||||
_ -> Nothing
|
_ -> Nothing
|
||||||
where
|
where
|
||||||
mkmulti (u, s, f) = (u, s, mkSafeFilePath f)
|
mkmulti (u, s, f) = (u, s, f)
|
||||||
|
|
||||||
retrieveUrl :: Retriever
|
retrieveUrl :: Retriever
|
||||||
retrieveUrl = fileRetriever $ \f k p -> do
|
retrieveUrl = fileRetriever $ \f k p -> do
|
||||||
|
|
|
||||||
|
|
@ -7,35 +7,14 @@
|
||||||
|
|
||||||
module Types.UrlContents (
|
module Types.UrlContents (
|
||||||
UrlContents(..),
|
UrlContents(..),
|
||||||
SafeFilePath,
|
|
||||||
mkSafeFilePath,
|
|
||||||
fromSafeFilePath
|
|
||||||
) where
|
) where
|
||||||
|
|
||||||
import Utility.Url
|
import Utility.Url
|
||||||
import Annex.UntrustedFilePath
|
|
||||||
|
|
||||||
import System.FilePath
|
|
||||||
|
|
||||||
data UrlContents
|
data UrlContents
|
||||||
-- An URL contains a file, whose size may be known.
|
-- An URL contains a file, whose size may be known.
|
||||||
-- There might be a nicer filename to use.
|
-- There might be a nicer filename to use.
|
||||||
= UrlContents (Maybe Integer) (Maybe SafeFilePath)
|
= UrlContents (Maybe Integer) (Maybe FilePath)
|
||||||
-- Sometimes an URL points to multiple files, each accessible
|
-- Sometimes an URL points to multiple files, each accessible
|
||||||
-- by their own URL.
|
-- by their own URL.
|
||||||
| UrlMulti [(URLString, Maybe Integer, SafeFilePath)]
|
| UrlMulti [(URLString, Maybe Integer, FilePath)]
|
||||||
|
|
||||||
-- This is a FilePath, from an untrusted source,
|
|
||||||
-- sanitized so it doesn't contain any directory traversal tricks
|
|
||||||
-- and is always relative. It can still contain subdirectories.
|
|
||||||
-- Any unusual characters are also filtered out.
|
|
||||||
newtype SafeFilePath = SafeFilePath FilePath
|
|
||||||
deriving (Show)
|
|
||||||
|
|
||||||
mkSafeFilePath :: FilePath -> SafeFilePath
|
|
||||||
mkSafeFilePath p = SafeFilePath $ if null p' then "file" else p'
|
|
||||||
where
|
|
||||||
p' = joinPath $ map sanitizeFilePath $ splitDirectories p
|
|
||||||
|
|
||||||
fromSafeFilePath :: SafeFilePath -> FilePath
|
|
||||||
fromSafeFilePath (SafeFilePath p) = p
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue