aboutsummaryrefslogtreecommitdiffstats
path: root/lib/stdlib/src/shell.erl
diff options
context:
space:
mode:
authorBjörn Gustavsson <[email protected]>2017-02-16 15:55:34 +0100
committerBjörn Gustavsson <[email protected]>2017-02-21 09:45:00 +0100
commit8c7a68f3808a8d52f5cfc297a249ca4ef2480238 (patch)
tree716f1fb9157b6e46a1d86f78ec646067742475a3 /lib/stdlib/src/shell.erl
parent381f97b30092624b238a68909855692929d6f8bf (diff)
downloadotp-8c7a68f3808a8d52f5cfc297a249ca4ef2480238.tar.gz
otp-8c7a68f3808a8d52f5cfc297a249ca4ef2480238.tar.bz2
otp-8c7a68f3808a8d52f5cfc297a249ca4ef2480238.zip
filename: Add safe_relative_path/1
Add safe_relative_path/1 to guard against directory traversal attacks. It either returns a shorter path without any ".." or "." components, or 'unsafe' if an ".." component would climb up above the root of the relative path. Here are a few examples: safe_relative_path("a/b/..") => "a" safe_relative_path("a/..") => "" safe_relative_path("a/../..") => unsafe safe_relative_path("/absolute/path") => unsafe The returned path can be used directly or combined with an absolute path using filename:join/2.
Diffstat (limited to 'lib/stdlib/src/shell.erl')
0 files changed, 0 insertions, 0 deletions