Documentation ¶
Index ¶
- Variables
- func CreateTempDir(baseDir string) (string, error)
- func Inbound(candidate, baseDir string) bool
- func IsSymlink(fi os.FileInfo) bool
- func RelativePath(fullPath, basePath string) (string, error)
- func Tgz(srcPath string, inclusions []string, exclusions []string, writers ...io.Writer) (int, error)
- func Untgz(dstPath string, r io.Reader, maxSize int64) error
Constants ¶
This section is empty.
Variables ¶
var RelativeOutOfBoundErr = errors.New("full path does not contain base path")
Functions ¶
func CreateTempDir ¶ added in v2.4.0
CreateTempDir will create a temporary directory in baseDir with CSPRNG entropy in the name to avoid clashes and mitigate directory traversal. If baseDir is empty string, os.TempDir() will be used. It is the caller's responsibility to remove the directory after use. Will return the full path of the generated directory.
func Inbound ¶
Inbound will validate if the given candidate path is inside the baseDir. This is useful to make sure that malicious candidates are not targeting a file outside of baseDir boundaries. Considerations: - baseDir must be absolute path. Will return false otherwise - candidate can be absolute or relative path - candidate should not be symlink as only syntatic validation is applied by this function
func IsSymlink ¶
IsSymlink return true if the given FileInfo relates to a symlink file. Returns false otherwise.
func RelativePath ¶ added in v2.4.0
RelativePath will remove the basePath string from the fullPath including the path separator. Differently from filepath.Rel, this function will return error (RelativeOutOfBoundErr) if basePath does not match (example 2).
Example 1:
fullPath: /home/test/app/readme.md basePath: /home/test return: app/readme.md
Example 2:
fullPath: /home/test/app/readme.md basePath: /somewhere/else return: "", RelativeOutOfBoundErr
Example 3:
fullPath: /home/test/app/readme.md basePath: /home/test/app/readme.md return: .
func Tgz ¶ added in v2.4.0
func Tgz(srcPath string, inclusions []string, exclusions []string, writers ...io.Writer) (int, error)
Tgz will iterate over all files found in srcPath compressing them with gzip and archiving with Tar. Will invoke every given writer while generating the tgz. This is useful to generate checksums. Will exclude files matching the exclusions list blob if exclusions is not nil. Will include only the files matching the inclusions list if inclusions is not nil.
Types ¶
This section is empty.