forked from pocoproject/poco
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathZipCommon.cpp
More file actions
56 lines (46 loc) · 1.05 KB
/
ZipCommon.cpp
File metadata and controls
56 lines (46 loc) · 1.05 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
//
// ZipCommon.cpp
//
// Library: Zip
// Package: Zip
// Module: ZipCommon
//
// Copyright (c) 2007, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// SPDX-License-Identifier: BSL-1.0
//
#include "Poco/Zip/ZipCommon.h"
#include "Poco/Path.h"
namespace Poco {
namespace Zip {
bool ZipCommon::isValidPath(const std::string& path)
{
try
{
if (Path(path, Path::PATH_UNIX).isAbsolute() || Path(path, Path::PATH_WINDOWS).isAbsolute())
return false;
}
catch (...)
{
return false;
}
if (path == "..")
return false;
if ((path.size() >= 3) && path.compare(0, 3, "../") == 0)
return false;
if ((path.size() >= 3) && path.compare(0, 3, "..\\") == 0)
return false;
if (path.find("/../") != std::string::npos)
return false;
if (path.find("\\..\\") != std::string::npos)
return false;
if (path.find("/..\\") != std::string::npos)
return false;
if (path.find("\\../") != std::string::npos)
return false;
if ((path.size() >= 2) && path.compare(0, 2, "~/") == 0)
return false;
return true;
}
} } // namespace Poco::Zip