pkg/analyzer/lib/src/generated/sdk.dart - Issue 2406353002: Validate patch file paths.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: pkg/analyzer/lib/src/generated/sdk.dart

Issue 2406353002: Validate patch file paths. (Closed)

Patch Set: Created 4 years, 2 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: pkg/analyzer/lib/src/generated/sdk.dart

diff --git a/pkg/analyzer/lib/src/generated/sdk.dart b/pkg/analyzer/lib/src/generated/sdk.dart

index 7f78e556242df2ec082223024d5370b36ba3c203..dbdc03f71b585e74e02fcaac634562b34485c021 100644

--- a/pkg/analyzer/lib/src/generated/sdk.dart

+++ b/pkg/analyzer/lib/src/generated/sdk.dart

@@ -14,6 +14,7 @@ import 'package:analyzer/src/generated/engine.dart'

import 'package:analyzer/src/generated/source.dart' show Source;

import 'package:analyzer/src/generated/utilities_general.dart';

import 'package:analyzer/src/summary/idl.dart' show PackageBundle;

+import 'package:path/path.dart' as pathos;

/**

* A function used to create a new DartSdk with the given [options]. If the

@@ -419,7 +420,9 @@ class SdkLibrariesReader_LibraryBuilder extends RecursiveAstVisitor<Object> {

List<String> paths = <String>[];

pathsListLiteral.elements.forEach((Expression pathExpr) {

if (pathExpr is SimpleStringLiteral) {

- paths.add(pathExpr.value);

+ String path = pathExpr.value;

+ _validatePatchPath(path);

+ paths.add(path);

} else {

throw new ArgumentError(

'The "patch" argument items must be simple strings.');

@@ -454,6 +457,24 @@ class SdkLibrariesReader_LibraryBuilder extends RecursiveAstVisitor<Object> {

}

/**

+ * Validate the given [path] to a patch file. Throw [ArgumentError] if not a

+ * valid path: is absolute, or contains `..`.

+ */

+ void _validatePatchPath(String path) {

+ if (path.contains(r'\')) {

+ throw new ArgumentError('The path to a patch file must be posix: $path');

+ }

+ if (pathos.isAbsolute(path)) {

Paul Berry 2016/10/11 16:57:51 Use pathos.posix.isAbsolute() so that we don't get

+ throw new ArgumentError(

+ 'The path to a patch file cannot be absolute: $path');

+ }

+ if (path.contains('..')) {

+ throw new ArgumentError(

+ 'The path to a patch file cannot contain "..": $path');

+ }

+ /**

* Return the platform constant value for the given [expr].

* Throw [ArgumentError] if not a valid platform name given.

« no previous file with comments | « no previous file | pkg/analyzer/test/src/dart/sdk/sdk_test.dart » ('j') | no next file with comments »