diff options
author | Andrei Karas <akaras@inbox.ru> | 2012-01-08 20:41:48 +0300 |
---|---|---|
committer | Andrei Karas <akaras@inbox.ru> | 2012-01-08 21:37:14 +0300 |
commit | 72d496fb243f622c9a582d593b0d51ec057acd37 (patch) | |
tree | 0032d56a00470b9974bedaa971c2dd2401fec159 /src/utils | |
parent | efe6e235c05c7ae37e0608f69cada7db38501355 (diff) | |
download | plus-72d496fb243f622c9a582d593b0d51ec057acd37.tar.gz plus-72d496fb243f622c9a582d593b0d51ec057acd37.tar.bz2 plus-72d496fb243f622c9a582d593b0d51ec057acd37.tar.xz plus-72d496fb243f622c9a582d593b0d51ec057acd37.zip |
Validate update host.
Diffstat (limited to 'src/utils')
-rw-r--r-- | src/utils/stringutils.cpp | 10 | ||||
-rw-r--r-- | src/utils/stringutils.h | 2 |
2 files changed, 12 insertions, 0 deletions
diff --git a/src/utils/stringutils.cpp b/src/utils/stringutils.cpp index 642ba0df2..b855e3b04 100644 --- a/src/utils/stringutils.cpp +++ b/src/utils/stringutils.cpp @@ -612,3 +612,13 @@ std::string &removeProtocol(std::string &url) url = url.substr(i + 3); return url; } + +bool checkPath(std::string path) +{ + if (path.empty()) + return true; + return path.find("../") == std::string::npos + && path.find("..\\") == std::string::npos + && path.find("/..") == std::string::npos + && path.find("\\..") == std::string::npos; +} diff --git a/src/utils/stringutils.h b/src/utils/stringutils.h index 0913c7348..c6eb08a6c 100644 --- a/src/utils/stringutils.h +++ b/src/utils/stringutils.h @@ -206,4 +206,6 @@ bool findCutFirst(std::string &str1, std::string str2); std::string &removeProtocol(std::string &url); +bool checkPath(std::string path); + #endif // UTILS_STRINGUTILS_H |