From eed37792aef835a18cf1413814adf37a3394b4d1 Mon Sep 17 00:00:00 2001
From: Unrud
Date: Thu, 24 Dec 2015 14:25:34 +0100
Subject: [PATCH] Convert filesystem paths safely to paths

This only becomes a problem if the OS/filesystem allows / in filenames or . respectively .. as filenames.

---
 radicale/pathutils.py | 12 ++++++++++++
 radicale/storage/filesystem.py | 8 +++++++-
 2 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/radicale/pathutils.py b/radicale/pathutils.py
index c3e623b..2aa13af 100644
--- a/radicale/pathutils.py
+++ b/radicale/pathutils.py
@@ -40,6 +40,18 @@ def sanitize_path(path):
 return new_path + trailing_slash
+def is_safe_path_component(path):
+ """Checks if path is a single component of a path and is safe to join"""
+ if not path:
+ return False
+ head, _ = posixpath.split(path)
+ if head:
+ return False
+ if path in (".", ".."):
+ return False
+ return True
+
+
 def is_safe_filesystem_path_component(path):
 """Checks if path is a single component of a local filesystem path and is safe to join"""
diff --git a/radicale/storage/filesystem.py b/radicale/storage/filesystem.py
index b3e06d2..7b5e1b6 100644
--- a/radicale/storage/filesystem.py
+++ b/radicale/storage/filesystem.py
@@ -29,7 +29,7 @@ import time
 import sys
 from contextlib import contextmanager
-from .. import config, ical, pathutils
+from .. import config, ical, log, pathutils
 FOLDER = os.path.expanduser(config.get("storage", "filesystem_folder"))
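Review bot: The docstring of the new is_safe_path_component says only that the name is "safe to join", so a reader has to reverse-engineer the three rejected cases from the body; it should state them, e.g. `"""Return True if path is a single non-empty posixpath component: it contains no "/" and is neither "." nor ".".` (with the trailing triple quotes). The posixpath.split head test is equivalent to `"/" in path`, so the whole predicate reads more directly as one expression, `return bool(path) and "/" not in path and path not in (".", "..")`, which returns the same values for every input including None and "". It is worth noting in the docstring that this is deliberately a check against the internal POSIX-style path syntax and not against the local filesystem, which is the job of the neighbouring is_safe_filesystem_path_component, whose body continues outside the hunk.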
@@ -100,6 +100,12 @@ class Collection(ical.Collection):
 filesystem_path = pathutils.path_to_filesystem(path, FOLDER)
 _, directories, files = next(os.walk(filesystem_path))
 for filename in directories + files:
+ # make sure that the local filename can be translated
+ # into an internal path
+ if not pathutils.is_safe_path_component(filename):
+ log.LOGGER.debug("Skipping unsupported filename: %s",
+ filename)
+ continue
 rel_filename = posixpath.join(path, filename)
 if cls.is_node(rel_filename) or cls.is_leaf(rel_filename):
 yield cls(rel_filename)
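Review bot: The skip of an unsupported filename is logged only at debug level, so on a filesystem that does produce such names the affected entry silently disappears from the collection listing and an operator has no way to notice it. Since the commit message says this only occurs on unusual filesystems, the message cannot be noisy, and `log.LOGGER.warning("Skipping unsupported filename: %s", filename)` would surface the hidden entry. The enclosing method of Collection starts before the hunk, so whether `path` itself is sanitized before being passed to path_to_filesystem is not visible here; if it is not, that would be the other place this commit's concern applies.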