txtar path validation
authorSergey Matveev <stargrave@stargrave.org>
Mon, 22 Dec 2025 15:54:11 +0000 (18:54 +0300)
committerSergey Matveev <stargrave@stargrave.org>
Mon, 22 Dec 2025 15:54:11 +0000 (18:54 +0300)
dsc
t/import-path-validation.t [new file with mode: 0755]

diff --git a/dsc b/dsc
index f336f36f19651b834a44a7e15ea90ed40f38575ffb7f8110fe0a2e07a3342f94..16542386921eaf93a66eb1a1ec41463186519832496d25d85280bce722e19309 100755 (executable)
--- a/dsc
+++ b/dsc
@@ -367,6 +367,16 @@ switch [lindex $argv 0] {
             }
         }
         proc openfh {fn} {
+            if {[string index $fn 0] == "/"} {
+                puts stderr "absolute paths are forbidden"
+                exit 1
+            }
+            foreach e [file split $fn] {
+                if {$e == ".."} {
+                    puts stderr "relative paths are forbidden"
+                    exit 1
+                }
+            }
             set bin no
             if {[string range $fn [expr {[string length $fn]-7}] end] == ":base64"} {
                 set bin yes
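Review bot: The absolute-path guard added at the top of `openfh` matches only a leading `/`, so a name that Tcl itself treats as non-relative can still pass it. Under Tcl 8.x, for example, the file commands tilde-expand a leading `~`, which would resolve outside the import directory. Asking the interpreter is more robust than comparing one character: `if {[file pathtype $fn] ne "relative"} {`. `eq`/`ne` are also the string comparison operators in Tcl and would read more clearly than `==` in both new tests. The body of `openfh` continues past the hunk, so how `$fn` is finally opened is not visible here.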
diff --git a/t/import-path-validation.t b/t/import-path-validation.t
new file mode 100755 (executable)
index 0000000..cca8223
--- /dev/null
@@ -0,0 +1,29 @@
+#!/bin/sh
+
+test_description="$(basename $0)"
+. $SHARNESS_TEST_SRCDIR/sharness.sh
+export DSC_SCHEMA=$SHARNESS_TEST_DIRECTORY/../schema
+PATH=$SHARNESS_TEST_DIRECTORY/..:$PATH
+export DSC_STASH=stash DSC_SAVED=saved
+mkdir saved
+
+cat >in <<EOF
+-- .dirs --
+-- /abs/path --
+gotcha
+EOF
+test_expect_success "import abs" "! dsc import <in >out 2>&1"
+test_expect_success "import abs msg" \
+    '[ "$(cat out)" = "absolute paths are forbidden" ]'
+
+cat >in <<EOF
+-- .dirs --
+-- path/../rel --
+gotcha
+EOF
+test_expect_success "import rel" "! dsc import <in >out 2>&1"
+test_expect_success "import rel msg" \
+    '[ "$(cat out)" = "relative paths are forbidden" ]'
+
+
+test_done
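Review bot: The traversal case puts `..` only in the middle of the name, and both cases check just the exit status and the message, so a regression that rejects the entry after already creating a file would go unnoticed. Adding an input whose entry begins with the parent component, `-- ../escape --`, and then asserting `[ ! -e ../escape ]` after the import would pin that nothing is written outside the test's working directory. `$(basename $0)` and `$SHARNESS_TEST_SRCDIR` are also unquoted and would break on a checkout path containing spaces.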