Guard against path traversal and leading '|'

This change adds some checks against path traversal ('..') and accidentally shelling out (opening a file starting with '|').

Guard against path traversal and leading '|'
633b2aaa · Jacob Vosmaer · d37c628f · 633b2aaa · 633b2aaa
Commit 633b2aaa authored 10 years ago by Jacob Vosmaer
--- a/lib/grit/git-ruby/repository.rb
+++ b/lib/grit/git-ruby/repository.rb
@@ -683,7 +683,9 @@ module Grit
      end
  
      def self.add_file(name, contents)
-        File.open(name, 'w') do |f|
+        path = File.join(Dir.pwd, name)
+        raise "Invalid path: #{path}" unless File.absolute_path(path) == path
+        File.open(path, 'w') do |f|
          f.write contents
        end
      end

--- a/lib/grit/git.rb
+++ b/lib/grit/git.rb
@@ -117,7 +117,9 @@ module Grit
    #
    # Returns Boolean
    def fs_exist?(file)
-      File.exist?(File.join(self.git_dir, file))
+      path = File.join(self.git_dir, file)
+      raise "Invalid path: #{path}" unless File.absolute_path(path) == path
+      File.exist?(path)
    end
  
    # Read a normal file from the filesystem.
@@ -125,7 +127,9 @@ module Grit
    #
    # Returns the String contents of the file
    def fs_read(file)
-      File.read(File.join(self.git_dir, file))
+      path = File.join(self.git_dir, file)
+      raise "Invalid path: #{path}" unless File.absolute_path(path) == path
+      File.read(path)
    end
  
    # Write a normal file to the filesystem.
@@ -135,6 +139,7 @@ module Grit
    # Returns nothing
    def fs_write(file, contents)
      path = File.join(self.git_dir, file)
+      raise "Invalid path: #{path}" unless File.absolute_path(path) == path
      FileUtils.mkdir_p(File.dirname(path))
      File.open(path, 'w') do |f|
        f.write(contents)