addurl --preserve-filename and a few related changes
* addurl --preserve-filename: New option, uses server-provided filename without any sanitization, but with some security checking. Not yet implemented for remotes other than the web. * addurl, importfeed: Avoid adding filenames with leading '.', instead it will be replaced with '_'. This might be considered a security fix, but a CVE seems unwattanted. It was possible for addurl to create a dotfile, which could change behavior of some program. It was also possible for a web server to say the file name was ".git" or "foo/.git". That would not overrwrite the .git directory, but would cause addurl to fail; of course git won't add "foo/.git". sanitizeFilePath is too opinionated to remain in Utility, so moved it. The changes to mkSafeFilePath are because it used sanitizeFilePath. In particular: isDrive will never succeed, because "c:" gets munged to "c_" ".." gets sanitized now ".git" gets sanitized now It will never be null, because sanitizeFilePath keeps the length the same, and splitDirectories never returns a null path. Also, on the off chance a web server suggests a filename of "", ignore that, rather than trying to save to such a filename, which would fail in some way.
This commit is contained in:
parent
54599207f7
commit
6952060665
9 changed files with 132 additions and 39 deletions
|
@ -13,7 +13,7 @@ module Types.UrlContents (
|
|||
) where
|
||||
|
||||
import Utility.Url
|
||||
import Utility.Path
|
||||
import Annex.UntrustedFilePath
|
||||
|
||||
import System.FilePath
|
||||
|
||||
|
@ -35,13 +35,7 @@ newtype SafeFilePath = SafeFilePath FilePath
|
|||
mkSafeFilePath :: FilePath -> SafeFilePath
|
||||
mkSafeFilePath p = SafeFilePath $ if null p' then "file" else p'
|
||||
where
|
||||
p' = joinPath $ filter safe $ map sanitizeFilePath $ splitDirectories p
|
||||
safe s
|
||||
| isDrive s = False
|
||||
| s == ".." = False
|
||||
| s == ".git" = False
|
||||
| null s = False
|
||||
| otherwise = True
|
||||
p' = joinPath $ map sanitizeFilePath $ splitDirectories p
|
||||
|
||||
fromSafeFilePath :: SafeFilePath -> FilePath
|
||||
fromSafeFilePath (SafeFilePath p) = p
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue