Return-Path: X-Original-To: apmail-couchdb-commits-archive@www.apache.org Delivered-To: apmail-couchdb-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 5FD6AD391 for ; Wed, 19 Dec 2012 17:28:52 +0000 (UTC) Received: (qmail 76396 invoked by uid 500); 19 Dec 2012 17:28:52 -0000 Delivered-To: apmail-couchdb-commits-archive@couchdb.apache.org Received: (qmail 76098 invoked by uid 500); 19 Dec 2012 17:28:51 -0000 Mailing-List: contact commits-help@couchdb.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@couchdb.apache.org Delivered-To: mailing list commits@couchdb.apache.org Received: (qmail 76066 invoked by uid 99); 19 Dec 2012 17:28:51 -0000 Received: from tyr.zones.apache.org (HELO tyr.zones.apache.org) (140.211.11.114) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 19 Dec 2012 17:28:51 +0000 Received: by tyr.zones.apache.org (Postfix, from userid 65534) id 88DF8324134; Wed, 19 Dec 2012 17:28:51 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: jan@apache.org To: commits@couchdb.apache.org X-Mailer: ASF-Git Admin Mailer Subject: [1/6] git commit: improve parsing of mochiweb relative paths Message-Id: <20121219172851.88DF8324134@tyr.zones.apache.org> Date: Wed, 19 Dec 2012 17:28:51 +0000 (UTC) Updated Branches: refs/heads/1.0.x f5be49631 -> a996d8dfb refs/heads/1.1.x 55ba156fd -> 170011330 refs/heads/1.2.x 6637c7fca -> 4cd384668 refs/heads/1.3.x 6429a44b2 -> bc5880f7c refs/heads/master 2b4ab67a9 -> 6e749bf7e improve parsing of mochiweb relative paths Patch adapted from http://www.couchbase.com/issues/browse/MB-7390 Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/a996d8df Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/a996d8df Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/a996d8df Branch: refs/heads/1.0.x Commit: a996d8dfbc0853f82a2cba3e482df2e7093ff839 Parents: f5be496 Author: Sriram Melkote Authored: Sat Dec 15 04:03:45 2012 +0530 Committer: Jan Lehnardt Committed: Wed Dec 19 18:21:02 2012 +0100 ---------------------------------------------------------------------- src/mochiweb/mochiweb_util.erl | 11 +++++++++-- 1 files changed, 9 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/couchdb/blob/a996d8df/src/mochiweb/mochiweb_util.erl ---------------------------------------------------------------------- diff --git a/src/mochiweb/mochiweb_util.erl b/src/mochiweb/mochiweb_util.erl index d8fc89d..b5134d3 100644 --- a/src/mochiweb/mochiweb_util.erl +++ b/src/mochiweb/mochiweb_util.erl @@ -68,11 +68,17 @@ partition2(_S, _Sep) -> %% @spec safe_relative_path(string()) -> string() | undefined %% @doc Return the reduced version of a relative path or undefined if it %% is not safe. safe relative paths can be joined with an absolute path -%% and will result in a subdirectory of the absolute path. +%% and will result in a subdirectory of the absolute path. Safe paths +%% never contain a backslash character. safe_relative_path("/" ++ _) -> undefined; safe_relative_path(P) -> - safe_relative_path(P, []). + case string:chr(P, $\\) of + 0 -> + safe_relative_path(P, []); + _ -> + undefined + end. safe_relative_path("", Acc) -> case Acc of @@ -707,6 +713,7 @@ test_safe_relative_path() -> undefined = safe_relative_path("../foo"), undefined = safe_relative_path("foo/../.."), undefined = safe_relative_path("foo//"), + undefined = safe_relative_path("foo\\bar"), ok. test_parse_qvalues() ->