Commitbe40b8c

authored

chore: set more explicit guards for serving bin files (#19597)

1 parent0f1fc88 commitbe40b8cCopy full SHA for be40b8c

File tree

+10

-0

lines changed

+10

-0

lines changed

Lines changed: 10 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -1018,6 +1018,16 @@ func newBinMetadataCache(binFS http.FileSystem, binSha1Hashes map[string]string)`
`1018`	`1018`	`}`
`1019`	`1019`
`1020`	`1020`	`func (b*binMetadataCache)getMetadata(namestring) (binMetadata,error) {`
	`1021`	`+// Reject any invalid or non-basename paths before touching the filesystem.`
	`1022`	`+ifname==""\|\|`
	`1023`	`+name=="."\|\|`
	`1024`	`+strings.Contains(name,"/")\|\|`
	`1025`	`+strings.Contains(name,"\\")\|\|`
	`1026`	`+!fs.ValidPath(name)\|\|`
	`1027`	`+path.Base(name)!=name {`
	`1028`	`+returnbinMetadata{},os.ErrNotExist`
	`1029`	`+}`
	`1030`	`+`
`1021`	`1031`	`b.mut.RLock()`
`1022`	`1032`	`metadata,ok:=b.metadata[name]`
`1023`	`1033`	`b.mut.RUnlock()`

Comments

(0)