Safety check for a git-relative path: no absolute, no traversal, no NUL.
(p: str)
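def _is_safe_relpath(p: str) -> bool:
    """Return True only if ``p`` looks like a safe repository-relative path.

    A path is rejected when it is empty, contains a NUL byte, is absolute
    (leading separator or a drive-letter prefix such as ``C:/``), or has a
    ``..`` component.

    Backslashes are treated as separators as well as forward slashes, so
    ``C:\\x``, ``\\x`` and ``a\\..\\b`` are rejected on every platform rather
    than only where ``Path`` happens to split on ``\\``.

    This is a purely lexical check: it does not touch the filesystem, so it
    cannot detect a symlink inside the repository that points outside it.
    Callers that open the path should still confirm the resolved location
    stays under the repository root.
    """
    # Explicit early return so the result is always a real bool; the bare
    # `p and ...` form returned "" for empty input despite the annotation.
    if not p or "\x00" in p:
        return False

    # Normalise separators so the absolute and drive-letter checks do not
    # depend on which slash the caller used.
    norm = p.replace("\\", "/")
    if norm.startswith("/") or re.match(r"^[A-Za-z]:/", norm):
        return False

    # Keep the platform-aware Path check and add a separator-agnostic one.
    return ".." not in Path(p).parts and ".." not in norm.split("/")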
| 287 | def validate_selected_paths(res: SelectorResult, repo: Path) -> SelectorResult: |
no test coverage detected