commons-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Stefan Bodewig (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (IO-559) FilenameUtils.normalize should verify hostname syntax in UNC path
Date Thu, 21 Dec 2017 12:55:00 GMT

    [ https://issues.apache.org/jira/browse/IO-559?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16299980#comment-16299980
] 

Stefan Bodewig commented on IO-559:
-----------------------------------

The pull request has become bigger than I expected as I needed to add verification of IP numbers
as well. I'm not 100% sure about percent encoded hostnames or hostnames containing non-ASCII
characters, so would prefer a second pair of eyes.

> FilenameUtils.normalize should verify hostname syntax in UNC path
> -----------------------------------------------------------------
>
>                 Key: IO-559
>                 URL: https://issues.apache.org/jira/browse/IO-559
>             Project: Commons IO
>          Issue Type: Bug
>          Components: Utilities
>    Affects Versions: 2.6
>            Reporter: Stefan Bodewig
>
> {{FilenameUtils.normalize}} will accept broken file names as UNC path even if their hostname
part doesn't match the syntax of a proper hostname. Using certain hostnames like "." this
may lead to strange side effects.
> Most likely the best fix will be to make {{getPrefixLength}} verify the hostname part
of a suspected UNC path and return a value of {{NOT_FOUND}} if it is not a valid hostname
- much like it does for triple slashes.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message