Secure is_safe_filesystem_path_component

On Windows 1/2 would be a safe filesystem path component, but it's not safe to pass it to path_to_filesystem.
Currently only the get method can be called with a href like that and it checked for that.
This just moves the check into the is_safe_filesystem_path_component function.
This commit is contained in:
Unrud 2016-09-04 12:55:28 +02:00
parent a4a6a62643
commit a12ef69129

View File

@ -142,7 +142,8 @@ def is_safe_path_component(path):
def is_safe_filesystem_path_component(path): def is_safe_filesystem_path_component(path):
"""Check if path is a single component of a filesystem path. """Check if path is a single component of a local and posix filesystem
path.
Check that the path is safe to join too. Check that the path is safe to join too.
@ -150,7 +151,8 @@ def is_safe_filesystem_path_component(path):
return ( return (
path and not os.path.splitdrive(path)[0] and path and not os.path.splitdrive(path)[0] and
not os.path.split(path)[0] and path not in (os.curdir, os.pardir) and not os.path.split(path)[0] and path not in (os.curdir, os.pardir) and
not path.startswith(".") and not path.endswith("~")) not path.startswith(".") and not path.endswith("~") and
is_safe_path_component(path))
def path_to_filesystem(root, *paths): def path_to_filesystem(root, *paths):
@ -628,7 +630,7 @@ class Collection(BaseCollection):
def get(self, href): def get(self, href):
if not href: if not href:
return None return None
href = href.strip("{}").replace("/", "_") href = href.strip("{}")
if not is_safe_filesystem_path_component(href): if not is_safe_filesystem_path_component(href):
self.logger.debug( self.logger.debug(
"Can't translate name safely to filesystem: %s", href) "Can't translate name safely to filesystem: %s", href)