commons-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (IO-559) FilenameUtils.normalize should verify hostname syntax in UNC path
Date Thu, 21 Dec 2017 12:52:00 GMT

    [ https://issues.apache.org/jira/browse/IO-559?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16299976#comment-16299976
] 

ASF GitHub Bot commented on IO-559:
-----------------------------------

GitHub user bodewig opened a pull request:

    https://github.com/apache/commons-io/pull/52

    IO-559 verify hostname part of suspected UNC paths in FileNameUtils

    https://issues.apache.org/jira/browse/IO-559
    
    I'm not 100% sure how/if Windows deals with percent encoded hostnames or hostnames using
non-ASCII characters. Maybe anybody with deeper Windows knowledge can chime in.

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/bodewig/commons-io IO-559_validate_hostname_of_unc_paths_in_normalize

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/commons-io/pull/52.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #52
    
----
commit 3fd594ceaa84a1bdaf357ace37573b16fd140499
Author: Stefan Bodewig <stefan.bodewig@...>
Date:   2017-12-21T12:49:06Z

    IO-559 verify hostname part of suspected UNC paths in FileNameUtils

----


> FilenameUtils.normalize should verify hostname syntax in UNC path
> -----------------------------------------------------------------
>
>                 Key: IO-559
>                 URL: https://issues.apache.org/jira/browse/IO-559
>             Project: Commons IO
>          Issue Type: Bug
>          Components: Utilities
>    Affects Versions: 2.6
>            Reporter: Stefan Bodewig
>
> {{FilenameUtils.normalize}} will accept broken file names as UNC path even if their hostname
part doesn't match the syntax of a proper hostname. Using certain hostnames like "." this
may lead to strange side effects.
> Most likely the best fix will be to make {{getPrefixLength}} verify the hostname part
of a suspected UNC path and return a value of {{NOT_FOUND}} if it is not a valid hostname
- much like it does for triple slashes.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message