escapingfs

package
v0.0.0-...-ae3a0a2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 14, 2022 License: MPL-2.0 Imports: 4 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func EnsurePath

func EnsurePath(path string, dir bool) error

EnsurePath is used to make sure a path exists

func PathEscapesAllocDir

func PathEscapesAllocDir(base, prefix, path string) (bool, error)

PathEscapesAllocDir returns true if base/prefix/path escapes the given base directory.

Escaping a directory can be done with relative paths (e.g. ../../ etc.) or by using symlinks. This checks both methods.

The base directory must be an absolute path.

func PathEscapesAllocViaRelative

func PathEscapesAllocViaRelative(prefix, path string) (bool, error)

PathEscapesAllocViaRelative returns if the given path escapes the allocation directory using relative paths.

Only for use in server-side validation, where the real filesystem is not available. For client-side validation use PathEscapesAllocDir, which includes symlink validation as well.

The prefix is joined to the path (e.g. "task/local"), and this function checks if path escapes the alloc dir, NOT the prefix directory within the alloc dir. With prefix="task/local", it will return false for "../secret", but true for "../../../../../../root" path; only the latter escapes the alloc dir.

func PathEscapesSandbox

func PathEscapesSandbox(sandboxDir, path string) bool

PathEscapesSandbox returns whether previously cleaned path inside the sandbox directory (typically this will be the allocation directory) escapes.

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL