From 135a8dce4b7c6c5a09ca689f42503b3df4433138 Mon Sep 17 00:00:00 2001
From: I-Al-Istannen <i-al-istannen@users.noreply.github.com>
Date: Mon, 20 Apr 2020 16:07:14 +0200
Subject: [PATCH] Fix resolve_path allowing paths outside its folder

This happened if the directory name was a prefix of the offending file name.
---
 PFERD/utils.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/PFERD/utils.py b/PFERD/utils.py
index 49cf31b..dc50ba6 100644
--- a/PFERD/utils.py
+++ b/PFERD/utils.py
@@ -67,7 +67,7 @@ def resolve_path(directory: Path, target_file: Path) -> Path:
     """
     absolute_path = directory.joinpath(target_file).resolve()
 
-    if not str(absolute_path).startswith(str(directory.resolve())):
+    if directory not in absolute_path.parents:
         raise ResolveException(
             f"Path resolved to file outside folder ({absolute_path})"
         )