X-Git-Url: https://git.p6c8.net/devedit.git/blobdiff_plain/b367b01bd6e1cc017f55e05e86f45ebd727312ad..6cb088cea794fc67941b4e174fe9ed80c8a45875:/modules/Tool.pm?ds=inline diff --git a/modules/Tool.pm b/modules/Tool.pm index e1407a1..1cd2456 100644 --- a/modules/Tool.pm +++ b/modules/Tool.pm @@ -6,7 +6,7 @@ package Tool; # Some shared sub routines # # Author: Patrick Canterino -# Last modified: 2005-05-07 +# Last modified: 2008-04-25 # use strict; @@ -32,6 +32,7 @@ use base qw(Exporter); encode_html equal_url file_name + is_forbidden_file mode_string multi_string upper_path); @@ -67,8 +68,9 @@ sub check_path($$) $first = abs_path($first); my $last = file_name($path); + $last = '' if($last eq '.'); - if(-d $first.'/'.$last && not -l $first.'/'.$last) + if($last eq '..' || ($^O eq 'MSWin32' && $last =~ m!^\.\.\.+$!)) { $first = abs_path($first.'/'.$last); $last = ''; @@ -79,6 +81,7 @@ sub check_path($$) # Check if the path is above the root directory return if(index($path,$root) != 0); + return if(substr($path,length($root)) && not File::Spec->file_name_is_absolute(substr($path,length($root)))); # Create short path name @@ -180,6 +183,8 @@ sub dos_wildcard_match($$) { my ($pattern,$string) = @_; + return 1 if($pattern eq '*'); + # The following part is stolen from File::DosGlob # escape regex metachars but not glob chars @@ -254,6 +259,29 @@ sub file_name($) return $path; } +# is_forbidden_file() +# +# Check if a file is in the list of forbidden files +# +# Params: 1. Array Reference containing the list +# 2. Filename to check +# +# Return: Status code (Boolean) + +sub is_forbidden_file($$) +{ + my ($list,$file) = @_; + $file =~ s!/+$!!g; + + foreach my $entry(@$list) + { + return 1 if($file eq $entry); + return 1 if(index($file,$entry.'/') == 0); + } + + return; +} + # mode_string() # # Convert a file mode number into a human readable string (rwxr-x-r-x)