Secure is_safe_filesystem_path_component

On Windows 1/2 would be a safe filesystem path component, but it's not safe to pass it to path_to_filesystem. Currently only the get method can be called with a href like that and it checked for that. This just moves the check into the is_safe_filesystem_path_component function.
Kozea · Sep 4, 2016 · a12ef69 · a12ef69
1 parent a4a6a62
commit a12ef69
Showing 1 changed file with 5 additions and 3 deletions.
diff --git a/radicale/storage.py b/radicale/storage.py
@@ -142,15 +142,17 @@ def is_safe_path_component(path):
 
 
 def is_safe_filesystem_path_component(path):
-    """Check if path is a single component of a filesystem path.
+    """Check if path is a single component of a local and posix filesystem
+       path.
 
     Check that the path is safe to join too.
 
     """
     return (
         path and not os.path.splitdrive(path)[0] and
         not os.path.split(path)[0] and path not in (os.curdir, os.pardir) and
-        not path.startswith(".") and not path.endswith("~"))
+        not path.startswith(".") and not path.endswith("~") and
+        is_safe_path_component(path))
 
 
 def path_to_filesystem(root, *paths):
@@ -628,7 +630,7 @@ def list(self):
     def get(self, href):
         if not href:
             return None
-        href = href.strip("{}").replace("/", "_")
+        href = href.strip("{}")
         if not is_safe_filesystem_path_component(href):
             self.logger.debug(
                 "Can't translate name safely to filesystem: %s", href)