mirror of
https://github.com/VCMP-SqMod/SqMod.git
synced 2025-02-23 05:07:13 +01:00
4a6bfc086c
Switched to POCO library for unified platform/library interface. Deprecated the external module API. It was creating more problems than solving. Removed most built-in libraries in favor of system libraries for easier maintenance. Cleaned and secured code with help from static analyzers.
57 lines
1.0 KiB
C++
57 lines
1.0 KiB
C++
//
|
|
// ZipCommon.cpp
|
|
//
|
|
// Library: Zip
|
|
// Package: Zip
|
|
// Module: ZipCommon
|
|
//
|
|
// Copyright (c) 2007, Applied Informatics Software Engineering GmbH.
|
|
// and Contributors.
|
|
//
|
|
// SPDX-License-Identifier: BSL-1.0
|
|
//
|
|
|
|
|
|
#include "Poco/Zip/ZipCommon.h"
|
|
#include "Poco/Path.h"
|
|
|
|
|
|
namespace Poco {
|
|
namespace Zip {
|
|
|
|
|
|
bool ZipCommon::isValidPath(const std::string& path)
|
|
{
|
|
try
|
|
{
|
|
if (Path(path, Path::PATH_UNIX).isAbsolute() || Path(path, Path::PATH_WINDOWS).isAbsolute())
|
|
return false;
|
|
}
|
|
catch (...)
|
|
{
|
|
return false;
|
|
}
|
|
|
|
if (path == "..")
|
|
return false;
|
|
if ((path.size() >= 3) && path.compare(0, 3, "../") == 0)
|
|
return false;
|
|
if ((path.size() >= 3) && path.compare(0, 3, "..\\") == 0)
|
|
return false;
|
|
if (path.find("/../") != std::string::npos)
|
|
return false;
|
|
if (path.find("\\..\\") != std::string::npos)
|
|
return false;
|
|
if (path.find("/..\\") != std::string::npos)
|
|
return false;
|
|
if (path.find("\\../") != std::string::npos)
|
|
return false;
|
|
if ((path.size() >= 2) && path.compare(0, 2, "~/") == 0)
|
|
return false;
|
|
|
|
return true;
|
|
}
|
|
|
|
|
|
} } // namespace Poco::Zip
|