mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2025-02-20 02:21:26 +00:00
util: file: Don't carelessly sanitize URIs
rfc3986 states that the separator in URI path is a single slash. Multiple slashes may potentially lead to different resources and thus we should not remove them.
This commit is contained in:
parent
b8e7facfa7
commit
fac04598bb
@ -2812,12 +2812,18 @@ char *
|
||||
virFileSanitizePath(const char *path)
|
||||
{
|
||||
const char *cur = path;
|
||||
char *uri;
|
||||
char *cleanpath;
|
||||
int idx = 0;
|
||||
|
||||
if (VIR_STRDUP(cleanpath, path) < 0)
|
||||
return NULL;
|
||||
|
||||
/* don't sanitize URIs - rfc3986 states that two slashes may lead to a
|
||||
* different resource, thus removing them would possibly change the path */
|
||||
if ((uri = strstr(path, "://")) && strchr(path, '/') > uri)
|
||||
return cleanpath;
|
||||
|
||||
/* Need to sanitize:
|
||||
* // -> //
|
||||
* /// -> /
|
||||
|
@ -165,6 +165,8 @@ mymain(void)
|
||||
ret = -1; \
|
||||
} while (0)
|
||||
|
||||
#define DO_TEST_SANITIZE_PATH_SAME(PATH) DO_TEST_SANITIZE_PATH(PATH, PATH)
|
||||
|
||||
virtTestCounterReset("testFileSanitizePath ");
|
||||
DO_TEST_SANITIZE_PATH("", "");
|
||||
DO_TEST_SANITIZE_PATH("/", "/");
|
||||
@ -178,6 +180,11 @@ mymain(void)
|
||||
DO_TEST_SANITIZE_PATH("../../", "../..");
|
||||
DO_TEST_SANITIZE_PATH("//foo//bar", "//foo/bar");
|
||||
DO_TEST_SANITIZE_PATH("/bar//foo", "/bar/foo");
|
||||
DO_TEST_SANITIZE_PATH_SAME("gluster://bar.baz/foo/hoo");
|
||||
DO_TEST_SANITIZE_PATH_SAME("gluster://bar.baz//fooo/hoo");
|
||||
DO_TEST_SANITIZE_PATH_SAME("gluster://bar.baz//////fooo/hoo");
|
||||
DO_TEST_SANITIZE_PATH_SAME("gluster://bar.baz/fooo//hoo");
|
||||
DO_TEST_SANITIZE_PATH_SAME("gluster://bar.baz/fooo///////hoo");
|
||||
|
||||
return ret != 0 ? EXIT_FAILURE : EXIT_SUCCESS;
|
||||
}
|
||||
|
Loading…
x
Reference in New Issue
Block a user