From 74b0fcb06da22e0ed96ffebd10d59f1f975896d31751eb0915ece73f2e75a4ad Mon Sep 17 00:00:00 2001
From: Sergey Matveev
Date: Mon, 22 Dec 2025 18:54:11 +0300
Subject: [PATCH] txtar path validation
---
 dsc | 10 ++++++++++
 t/import-path-validation.t | 29 +++++++++++++++++++++++++++++
 2 files changed, 39 insertions(+)
 create mode 100755 t/import-path-validation.t
diff --git a/dsc b/dsc
index f336f36..1654238 100755
--- a/dsc
+++ b/dsc
@@ -367,6 +367,16 @@ switch [lindex $argv 0] {
 }
 }
 proc openfh {fn} {
+ if {[string index $fn 0] == "/"} {
+ puts stderr "absolute paths are forbidden"
+ exit 1
+ }
+ foreach e [file split $fn] {
+ if {$e == ".."} {
+ puts stderr "relative paths are forbidden"
+ exit 1
+ }
+ }
 set bin no
 if {[string range $fn [expr {[string length $fn]-7}] end] == ":base64"} {
 set bin yes
diff --git a/t/import-path-validation.t b/t/import-path-validation.t
new file mode 100755
index 0000000..cca8223
--- /dev/null
+++ b/t/import-path-validation.t
@@ -0,0 +1,29 @@
+#!/bin/sh
+
+test_description="$(basename $0)"
+. $SHARNESS_TEST_SRCDIR/sharness.sh
+export DSC_SCHEMA=$SHARNESS_TEST_DIRECTORY/../schema
+PATH=$SHARNESS_TEST_DIRECTORY/..:$PATH
+export DSC_STASH=stash DSC_SAVED=saved
+mkdir saved
+
+cat >in <out 2>&1"
+test_expect_success "import abs msg" \
+ '[ "$(cat out)" = "absolute paths are forbidden" ]'
+
+cat >in <out 2>&1"
+test_expect_success "import rel msg" \
+ '[ "$(cat out)" = "relative paths are forbidden" ]'
+
+
+test_done
--
2.52.0
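Review bot: The absolute-path guard at the top of `openfh` tests only for a leading `/`, so a name that Tcl itself resolves as non-relative still gets through: under Tcl 8.x the file commands tilde-expand a leading `~` to a home directory, and on Windows a drive-qualified name is absolute as well. Asking the interpreter is more robust than matching one character: `if {[file pathtype $fn] ne "relative"} {`. Both new checks also run on `$fn` before the `:base64` suffix is removed a few lines below, so they validate a different string from the one that is presumably opened; the rest of `openfh` is outside the hunk, but moving the checks after the suffix strip would close that gap. The message `relative paths are forbidden` reads oddly because relative names are the allowed case, and `eq`/`ne` are the idiomatic string comparisons in place of `==`.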
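Review bot: The assertions visible in t/import-path-validation.t pin only the two error messages, so the suite would still pass if the check in `openfh` became over-broad or if a rejected import left a file behind. A positive case would guard the first: a name that merely contains dots inside a component (for example `a..b/c`, a constructed sample) should still import. After each failing import, an assertion that the rejected name was not created would guard the second. The heredoc bodies are missing from this rendering of the patch, so which path shapes are already exercised could not be confirmed.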