Clean file of .. or ./ before checking Abs.

Zoe Roux 2024-04-30 13:36:08 +02:00 committed by GitHub
parent 316e5dd208
commit 8ee280de87
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194


@ -30,7 +30,7 @@ func GetPath(c echo.Context) (string, string, error) {
if err != nil {
return "", "", echo.NewHTTPError(http.StatusBadRequest, "Invalid path. Should be base64 encoded.")
}
path := string(pathb)
path := filepath.Clean(string(pathb))
if !filepath.IsAbs(path) {
return "", "", echo.NewHTTPError(http.StatusBadRequest, "Absolute path required.")
}
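Review bot: The new `path := filepath.Clean(string(pathb))` line only normalizes the client-supplied path lexically, and the sole check visible after it is `filepath.IsAbs`, so a request path that cleans to any absolute location on the host still passes this part of GetPath. If the remainder of the function (outside this hunk) does not already confine the path, add a containment check against the allowed base directory, for example `rel, err := filepath.Rel(root, path)` followed by rejecting `rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator))`, where `root` is a placeholder for whatever directory the service is meant to expose. Clean also does not resolve symlinks, so that comparison is only reliable on the output of `filepath.EvalSymlinks` if links can exist under that directory. A short comment such as `// Normalize before IsAbs so "." and ".." segments cannot survive into later prefix checks.` would record why the order matters.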