client/securedrop_client/utils.py [134:151]:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    # Coerce the argument to a Path so the checks below always operate on one type.
    filename_or_filepath = Path(filename_or_filepath)

    # Pick the base directory the path is validated against.
    # NOTE(review): for an absolute input the base is the input itself, so what (if anything)
    # relative_filepath can reject in that case depends on its implementation, which is not
    # visible here -- confirm that absolute paths still receive a meaningful check.
    if filename_or_filepath.is_absolute():
        base_path = filename_or_filepath
    else:
        base_path = Path.cwd()  # use cwd so we can next ensure relative path does not traverse up

    try:
        # Presumably raises ValueError when the path does not stay under base_path; ValueError is
        # the only exception type handled below -- verify against relative_filepath.
        relative_path = relative_filepath(filename_or_filepath, base_path)

        # One last check just to cover "weird/../traversals" that may not traverse past the
        # base directory, but can still have harmful side effects to the application. If this
        # kind of traversal is needed, then call relative_filepath instead in order to check
        # that the desired traversal does not go past a safe base directory.
        #
        # Only relative inputs are compared: a relative input is rejected whenever the value
        # returned by relative_filepath differs from the input as given. Absolute inputs skip
        # this comparison entirely.
        if relative_path != filename_or_filepath and not filename_or_filepath.is_absolute():
            raise ValueError
    except ValueError:
        # Both failure paths (the helper's ValueError and the bare one raised above) surface as
        # the same error. The message embeds the rejected value verbatim, so treat it as
        # untrusted text wherever it is logged or displayed.
        raise ValueError(f"Unsafe file or directory name: '{filename_or_filepath}'")
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -



export/securedrop_export/directory.py [99:115]:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    # Coerce the argument to a Path so the checks below always operate on one type.
    filename_or_filepath = Path(filename_or_filepath)
    # Pick the base directory the path is validated against.
    # NOTE(review): for an absolute input the base is the input itself, so what (if anything)
    # relative_filepath can reject in that case depends on its implementation, which is not
    # visible here -- confirm that absolute paths still receive a meaningful check.
    if filename_or_filepath.is_absolute():
        base_path = filename_or_filepath
    else:
        base_path = Path.cwd()  # use cwd so we can next ensure relative path does not traverse up

    try:
        # Presumably raises ValueError when the path does not stay under base_path; ValueError is
        # the only exception type handled below -- verify against relative_filepath.
        relative_path = relative_filepath(filename_or_filepath, base_path)

        # One last check just to cover "weird/../traversals" that may not traverse past the relative
        # base, but can still have harmful side effects to the application. If this kind of
        # traversal is needed, then call relative_filepath instead in order to check that the
        # desired traversal does not go past a safe base directory.
        #
        # Only relative inputs are compared: a relative input is rejected whenever the value
        # returned by relative_filepath differs from the input as given. Absolute inputs skip
        # this comparison entirely.
        if relative_path != filename_or_filepath and not filename_or_filepath.is_absolute():
            raise ValueError
    except ValueError:
        # Both failure paths (the helper's ValueError and the bare one raised above) surface as
        # the same error. The message embeds the rejected value verbatim, so treat it as
        # untrusted text wherever it is logged or displayed.
        raise ValueError(f"Unsafe file or directory name: '{filename_or_filepath}'")
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -



