Early paranoia in group name validation.

We will fail malicious paths in openDescriptionFile, but it doesn't harm to be paranoid early.

Early paranoia in group name validation.
We will fail malicious paths in openDescriptionFile, but it doesn't harm to be paranoid early.
5beb13b2 · Juliusz Chroboczek · 0d0a745a · 5beb13b2 · 5beb13b2
Commit 5beb13b2 authored Aug 24, 2021 by Juliusz Chroboczek
Hide whitespace changes
Inline Side-by-side

Showing with 44 additions and 1 deletion

group/group.go group/group.go +15 -1

group/group_test.go group/group_test.go +29 -0

No files found.
--- a/group/group.go
+++ b/group/group.go
@@ -373,8 +373,22 @@ func Add(name string, desc *Description) (*Group, error) {
 	return g, err
 }

+func validGroupName(name string) bool {
+	if filepath.Separator != '/' &&
+		strings.ContainsRune(name, filepath.Separator) {
+		return false
+	}
+
+	s := path.Clean("/" + name)
+	if s == "/" {
+		return false
+	}
+
+	return s == "/"+name
+}
+
 func add(name string, desc *Description) (*Group, []Client, error) {
-	if name == "" || strings.HasSuffix(name, "/") {
+	if !validGroupName(name) {
 		return nil, nil, UserError("illegal group name")
 	}


--- a/group/group_test.go
+++ b/group/group_test.go
@@ -245,3 +245,32 @@ func TestFmtpValue(t *testing.T) {
 		}
 	}
 }
+
+func TestValidGroupName(t *testing.T) {
+	type nameTest struct {
+		name   string
+		result bool
+	}
+	tests := []nameTest{
+		{"", false},
+		{"/", false},
+		{"/foo", false},
+		{"foo/", false},
+		{"./foo", false},
+		{"foo/.", false},
+		{"../foo", false},
+		{"foo/..", false},
+		{"foo/./bar", false},
+		{"foo/../bar", false},
+		{"foo", true},
+		{"foo/bar", true},
+	}
+
+	for _, test := range tests {
+		r := validGroupName(test.name)
+		if r != test.result {
+			t.Errorf("Valid %v: got %v, expected %v",
+				test.name, r, test.result)
+		}
+	}
+}