diff --git a/src/main/org/apache/tools/ant/util/FileUtils.java b/src/main/org/apache/tools/ant/util/FileUtils.java
index 5e5b94611..1f3aba51d 100644
--- a/src/main/org/apache/tools/ant/util/FileUtils.java
+++ b/src/main/org/apache/tools/ant/util/FileUtils.java
@@ -1182,6 +1182,10 @@ public class FileUtils {
      * This method uses {@link #normalize} under the covers and
      * does not resolve symbolic links.
      *
+     *If either path tries to go beyond the file system root
+     * (i.e. it contains more ".." segments than can be travelled up)
+     * the method will return false.
+     *
      * @param leading The leading path, must not be null, must be absolute.
      * @param path The path to check, must not be null, must be absolute.
      * @return true if path starts with leading; false otherwise.
@@ -1198,6 +1202,11 @@ public class FileUtils {
         if (!l.endsWith(File.separator)) {
             l += File.separator;
         }
+        // ensure "/foo/" is not considered a parent of "/foo/../../bar"
+        String up = File.separator + ".." + File.separator;
+        if (l.contains(up) || p.contains(up) || (p + File.separator).contains(up)) {
+            return false;
+        }
         return p.startsWith(l);
     }
 
diff --git a/src/tests/junit/org/apache/tools/ant/util/FileUtilsTest.java b/src/tests/junit/org/apache/tools/ant/util/FileUtilsTest.java
index c52015654..0e99f630e 100644
--- a/src/tests/junit/org/apache/tools/ant/util/FileUtilsTest.java
+++ b/src/tests/junit/org/apache/tools/ant/util/FileUtilsTest.java
@@ -591,6 +591,16 @@ public class FileUtilsTest {
         FILE_UTILS.getDefaultEncoding();
     }
 
+    /**
+     * @see "https://bz.apache.org/bugzilla/show_bug.cgi?id=62502"
+     */
+    @Test
+    public void isLeadingPathCannotBeFooledByTooManyDoubleDots() {
+        assertFalse(FILE_UTILS.isLeadingPath(new File("/foo"), new File("/foo/../../bar")));
+        assertFalse(FILE_UTILS.isLeadingPath(new File("c:\\foo"), new File("c:\\foo\\..\\..\\bar")));
+        assertFalse(FILE_UTILS.isLeadingPath(new File("/foo"), new File("/foo/../..")));
+    }
+
     /**
      * adapt file separators to local conventions
      */
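Review bot: The first added Javadoc line is missing the space after the leading asterisk (`*If either path ...`), which misaligns the rendered paragraph; write it as ` * If either path tries to go beyond the file system root`. It would also help readers to state that the ".." check is applied to the normalized forms of both paths (the preceding sentence already says {@link #normalize} is used), since as written the sentence reads as if any literal ".." segment in the caller's input yields false, which the second hunk's string check presumably does not intend for segments normalize can collapse. The enclosing Javadoc block starts before this hunk.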
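Review bot: In the added guard, `p.contains(up)` is subsumed by `(p + File.separator).contains(up)` — any occurrence in `p` is also one in `p + File.separator` — so the middle disjunct can be dropped: `if (l.contains(up) || (p + File.separator).contains(up)) {`. Because `up` depends only on `File.separator`, it can be a `private static final String` instead of being rebuilt on every call. The added comment should also make explicit that this is a purely string-level check on the (presumably already normalized) `l` and `p`, and that, as the Javadoc states, symbolic links are not resolved, so callers using isLeadingPath as an extraction guard still need to account for links inside `leading`. isLeadingPath starts outside this hunk.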
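Review bot: The second assertion builds Windows-style paths with `new File("c:\\foo")`, which on a non-Windows JVM is a relative path whose name happens to contain backslashes, so that line either violates the method's "must be absolute" precondition or passes for the wrong reason (the `File.separator`-based check in the main hunk cannot see `\\..\\` on such a platform); guard it with an OS assumption via `Os.isFamily("windows")` or keep only the platform-neutral cases. The test also covers only the rejecting side; a positive case such as `assertTrue(FILE_UTILS.isLeadingPath(new File("/foo"), new File("/foo/bar/../baz")));` would catch a guard that over-rejects paths whose `..` segments normalize can collapse, assuming normalize does collapse them.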