factor out file name validation, also forbid . and ..

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

diff --git a/src/accessor/mod.rs b/src/accessor/mod.rs
index ca8bcc49aa3901dc0683110be8f9248141414e2a..9e997b6c486a50fd12064506f589176fb385b113 100644 (file)
--- a/src/accessor/mod.rs
+++ b/src/accessor/mod.rs
@@ -622,13 +622,7 @@ impl<T: Clone + ReadAt> DirectoryImpl<T> {
             io_bail!("invalid file name (missing terminating zero)");
         }
 
-        if path.is_empty() {
-            io_bail!("invalid empty file name");
-        }
-
-        if path.contains(&b'/') {
-            io_bail!("illegal path found (contains slashes, this is a security concern)");
-        }
+        crate::util::validate_filename(&path)?;
 
         let file_name = PathBuf::from(OsString::from_vec(path));
         format::check_file_name(&file_name)?;

diff --git a/src/decoder/mod.rs b/src/decoder/mod.rs
index 292f6fc5e27bca2f4245c947ae6365f4943cd957..960abe4eed0f66368071cf5b53756dc61ab472ad 100644 (file)
--- a/src/decoder/mod.rs
+++ b/src/decoder/mod.rs
@@ -314,12 +314,8 @@ impl<I: SeqRead> DecoderImpl<I> {
         if data.pop() != Some(0) {
             io_bail!("illegal path found (missing terminating zero)");
         }
-        if data.is_empty() {
-            io_bail!("illegal path found (empty)");
-        }
-        if data.contains(&b'/') {
-            io_bail!("illegal path found (contains slashes, this is a security concern)");
-        }
+
+        crate::util::validate_filename(&data)?;
 
         let path = PathBuf::from(OsString::from_vec(data));
         self.set_path(&path)?;

diff --git a/src/encoder/mod.rs b/src/encoder/mod.rs
index 7239d3e1b4efef85066d55e48878b95a1157cc99..f043461bd764abb48d4cd929538ba048a3487828 100644 (file)
--- a/src/encoder/mod.rs
+++ b/src/encoder/mod.rs
@@ -600,9 +600,7 @@ impl<'a, T: SeqWrite + 'a> EncoderImpl<'a, T> {
     }
 
     async fn encode_filename(&mut self, file_name: &[u8]) -> io::Result<()> {
-        if file_name.contains(&b'/') {
-            io_bail!("slash in file name not permitted");
-        }
+        crate::util::validate_filename(file_name)?;
         seq_write_pxar_entry_zero(&mut self.output, format::PXAR_FILENAME, file_name).await
     }
 

diff --git a/src/util.rs b/src/util.rs
index f78e32c9ab49b570f1143971fb14034cd3f74412..5a3df62a07646ec440fc4bce78a34e6055662438 100644 (file)
--- a/src/util.rs
+++ b/src/util.rs
@@ -113,3 +113,23 @@ unsafe fn forbid_wake(_: *const ()) {
 }
 
 unsafe fn ignore_drop(_: *const ()) {}
+
+pub fn validate_filename(name: &[u8]) -> io::Result<()> {
+    if name.is_empty() {
+        io_bail!("illegal path found (empty)");
+    }
+
+    if name.contains(&b'/') {
+        io_bail!("illegal path found (contains slashes, this is a security concern)");
+    }
+
+    if name == b"." {
+        io_bail!("illegal path found: '.'");
+    }
+
+    if name == b".." {
+        io_bail!("illegal path found: '..'");
+    }
+
+    Ok(())
+}