sanitize filepaths provided by checkUrl

This commit is contained in:
Joey Hess 2014-12-11 20:08:49 -04:00
parent b0ca0985ce
commit 67c05daf5e
5 changed files with 41 additions and 10 deletions

View file

@ -5,14 +5,42 @@
- Licensed under the GNU GPL version 3 or higher.
-}
module Types.UrlContents where
module Types.UrlContents (
UrlContents(..),
SafeFilePath,
mkSafeFilePath,
fromSafeFilePath
) where
import Utility.Url
import Utility.Path
import System.FilePath
data UrlContents
-- An URL contains a file, whose size may be known.
-- There might be a nicer filename to use.
= UrlContents (Maybe Integer) (Maybe FilePath)
= UrlContents (Maybe Integer) (Maybe SafeFilePath)
-- Sometimes an URL points to multiple files, each accessible
-- by their own URL.
| UrlMulti [(URLString, Maybe Integer, FilePath)]
| UrlMulti [(URLString, Maybe Integer, SafeFilePath)]
-- This is a FilePath, from an untrusted source,
-- sanitized so it doesn't contain any directory traversal tricks
-- and is always relative. It can still contain subdirectories.
-- Any unusual characters are also filtered out.
newtype SafeFilePath = SafeFilePath FilePath
deriving (Show)
mkSafeFilePath :: FilePath -> SafeFilePath
mkSafeFilePath p = SafeFilePath $ if null p' then "file" else p'
where
p' = joinPath $ filter safe $ map sanitizeFilePath $ splitDirectories p
safe s
| isDrive s = False
| s == ".." = False
| null s = False
| otherwise = True
fromSafeFilePath :: SafeFilePath -> FilePath
fromSafeFilePath (SafeFilePath p) = p