"is outside context directory" false positive

[alecbz]

The check as-implemented just checks to see if the string .. exists anywhere in the full relative filepath, which does not necessarily mean the path is outside of the context. E.g., a directory or file could be named this..is..a..file.

I'm running into this now, where it seems like a node_modules directory somewhere in our repo contains a file called ..d and is causing buf to complain.

My case should be solvable with excludes, but in general a more robust check should maybe be used here?

[bufdev]

This is a good point - need to see if there's a better way to do this. One way would be to calculate the absolute paths, and then see if the normalized path is a strict subset of the input path, but this may be expensive on a continual basis.

[bufdev]

@AlecBenzer correct me if I'm wrong, but would this be fixed (and correctly fixed) if we checked against ".." + string(os.PathSeparator) instead of ".."? I might be crazy but I think that would work.

[alecbz]

@bufdev I think you might actually just be able to do strings.HasPrefix(path, ".." + os.PathSeparator)?

filepath.Clean (called from Normalize) should "Eliminate each inner .. path name element (the parent directory) along with the non-.. element that precedes it.", so I think the only place a .. could even appear is at the start of the Cleaned path.

https://play.golang.org/p/vtUgmJk0Fta

Checking for ".." + string(os.PathSeparator) anywhere in the string would still false-positive for stuff like foo/baz/iwonder.../stuff.

[bufdev]

#54

[bufdev]

I think this is fixed on master (and thanks for waiting on this, sorry for the delay). We'll work to do a proper release with this soon. Let me know if there's any other issues.