From 72d496fb243f622c9a582d593b0d51ec057acd37 Mon Sep 17 00:00:00 2001
From: Andrei Karas <akaras@inbox.ru>
Date: Sun, 8 Jan 2012 20:41:48 +0300
Subject: Validate update host.

---
 src/utils/stringutils.cpp | 10 ++++++++++
 src/utils/stringutils.h   |  2 ++
 2 files changed, 12 insertions(+)

(limited to 'src/utils')

diff --git a/src/utils/stringutils.cpp b/src/utils/stringutils.cpp
index 642ba0df2..b855e3b04 100644
--- a/src/utils/stringutils.cpp
+++ b/src/utils/stringutils.cpp
@@ -612,3 +612,13 @@ std::string &removeProtocol(std::string &url)
         url = url.substr(i + 3);
     return url;
 }
+
+bool checkPath(std::string path)
+{
+    if (path.empty())
+        return true;
+    return path.find("../") == std::string::npos
+        && path.find("..\\") == std::string::npos
+        && path.find("/..") == std::string::npos
+        && path.find("\\..") == std::string::npos;
+}
diff --git a/src/utils/stringutils.h b/src/utils/stringutils.h
index 0913c7348..c6eb08a6c 100644
--- a/src/utils/stringutils.h
+++ b/src/utils/stringutils.h
@@ -206,4 +206,6 @@ bool findCutFirst(std::string &str1, std::string str2);
 
 std::string &removeProtocol(std::string &url);
 
+bool checkPath(std::string path);
+
 #endif // UTILS_STRINGUTILS_H
-- 
cgit v1.2.3-70-g09d2