Merge pull request #1820 from AndySpaven/ISSUE-1745
ISSUE-1745 - Change the buildUrl to handle more cases of path traversal
gracekarina authored Nov 3, 2022
2 parents 4b3863c + 75a21d5 commit 4c74190
Showing 2 changed files with 22 additions and 42 deletions.
Expand Up @@ -11,6 +11,7 @@
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.List;
Expand Down Expand Up @@ -150,48 +151,20 @@ public static String readExternalClasspathRef(String file, RefFormat refFormat,
}

public static String buildUrl(String rootPath, String relativePath) {
String[] rootPathParts = rootPath.split("/");
String [] relPathParts = relativePath.split("/");

if(rootPath == null || relativePath == null) {
return null;
}

int trimRoot = 0;
int trimRel = 0;

if(!"".equals(rootPathParts[rootPathParts.length - 1])) {
trimRoot = 1;
}
if("".equals(relPathParts[0])) {
trimRel = 1; trimRoot = rootPathParts.length-3;
}
for(int i = 0; i < rootPathParts.length; i++) {
if("".equals(rootPathParts[i])) {
trimRel += 1;
}
else {
break;
}
}
for(int i = 0; i < relPathParts.length; i ++) {
if(".".equals(relPathParts[i])) {
trimRel += 1;
}
else if ("..".equals(relPathParts[i])) {
trimRel += 1; trimRoot += 1;
}
}

String [] outputParts = new String[rootPathParts.length + relPathParts.length - trimRoot - trimRel];
System.arraycopy(rootPathParts, 0, outputParts, 0, rootPathParts.length - trimRoot);
System.arraycopy(relPathParts,
trimRel,
outputParts,
rootPathParts.length - trimRoot,
relPathParts.length - trimRel);

return StringUtils.join(outputParts, "/");
if(rootPath == null || relativePath == null) {
return null;
}

try {
int until = rootPath.lastIndexOf("/")+1;
String root = rootPath.substring(0, until);
URL rootUrl = new URL(root);
URL finalUrl = new URL(rootUrl, relativePath);
return finalUrl.toString();
}
catch(Exception e) {
throw new RuntimeException(e);
}
}

public static String readExternalRef(String file, RefFormat refFormat, List<AuthorizationValue> auths,
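Review bot: The rewritten buildUrl returns the result of `new URL(rootUrl, relativePath)` without comparing it to the root, so a relativePath that carries its own scheme or authority replaces the root's protocol or host instead of being joined to it; the removed code only spliced path segments together. Whether callers can pass reference values from untrusted documents is not visible in this hunk, but if they can, add a guard after the resolution such as `if (!rootUrl.getProtocol().equals(finalUrl.getProtocol()) || !Objects.equals(rootUrl.getAuthority(), finalUrl.getAuthority())) { throw new IllegalArgumentException("reference leaves " + root); }`, or state in a Javadoc comment that buildUrl performs no confinement. Separately, `new URL(root)` requires a protocol, so a plain slash-separated root that the old code joined now surfaces as a RuntimeException. The `catch(Exception e)` could be narrowed to `MalformedURLException` with a message naming both inputs.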
Expand Up @@ -312,6 +312,13 @@ public void testPathJoin2() {
assertEquals(RefUtils.buildUrl("http://foo.bar.com/my/dir/file.yaml", "/my/newFile.yaml"), "http://foo.bar.com/my/newFile.yaml");
}

@Test
public void testPathJoinIssue1745() {
assertEquals(RefUtils.buildUrl("http://foo.bar.com/my/dir/file.yaml", "./second/../newFile.yaml"), "http://foo.bar.com/my/dir/newFile.yaml");
assertEquals(RefUtils.buildUrl("http://foo.bar.com/my/dir/", "./second/../newFile.yaml"), "http://foo.bar.com/my/dir/newFile.yaml");
// This is a little strange in the output (beacuse it has not completely eliminated the ..) but is still correct - paste a similar url into a browser and it resolves it correctly.
assertEquals(RefUtils.buildUrl("http://foo.bar.com/my/dir/file.yaml", "/second/../newFile.yaml"), "http://foo.bar.com/second/../newFile.yaml");
}

@Test
public void shouldReturnEmptyExternalPathForInternalReference() {
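Review bot: The third assertion in testPathJoinIssue1745 pins `http://foo.bar.com/second/../newFile.yaml` as the expected value, which locks in an un-normalized URL for root-relative references. Two spellings of the same resource then compare unequal as strings, which matters wherever the returned value is used as a cache key or checked against an allowed prefix (such uses are not visible here). Consider normalizing in buildUrl, for example `return finalUrl.toURI().normalize().toString();`, and asserting `http://foo.bar.com/newFile.yaml` in this test. Cases for a root without a scheme and for a relativePath that is itself an absolute URL would also record the intended behaviour of the new implementation.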
