Documentation
¶
Overview ¶
Package validate provides path and content validation functionality. This package contains security validators for archive extraction to prevent path traversal attacks and other security vulnerabilities.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type PathTraversalValidator ¶
type PathTraversalValidator struct {
// AllowHiddenFiles determines whether hidden files (starting with .) are allowed
AllowHiddenFiles bool
// RootPath is the extraction root directory used for symlink validation
RootPath string
}
PathTraversalValidator validates file paths to prevent security vulnerabilities. It detects and rejects various forms of path traversal attacks and other problematic path patterns that could compromise archive extraction security.
func NewPathTraversalValidator ¶
func NewPathTraversalValidator() *PathTraversalValidator
NewPathTraversalValidator creates a new PathTraversalValidator with default settings.
func (*PathTraversalValidator) IsPathSafe ¶
func (v *PathTraversalValidator) IsPathSafe(path string) bool
IsPathSafe is a convenience method that returns true if the path is safe.
func (*PathTraversalValidator) ValidatePath ¶
func (v *PathTraversalValidator) ValidatePath(path string) error
ValidatePath validates a file path for security issues. It checks for path traversal attempts, absolute paths, and other security concerns. Returns nil if the path is safe, or an error describing the security violation.
func (*PathTraversalValidator) ValidateSymlink ¶
func (v *PathTraversalValidator) ValidateSymlink(linkPath, targetPath string) error
ValidateSymlink validates a symlink target to ensure it doesn't escape the root. This is crucial for preventing symlink-based directory traversal attacks.
Source Files