From 70fc5bf63238ff2a7d184d5717c9981a4333e694 Mon Sep 17 00:00:00 2001 From: m-yamagishi Date: Tue, 12 Jan 2021 22:58:58 +0900 Subject: [PATCH 1/2] Add multiple dots test(will be failed) #94 --- tests/ReferenceContextTest.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/ReferenceContextTest.php b/tests/ReferenceContextTest.php index 92d9d93e..b06eb5fc 100644 --- a/tests/ReferenceContextTest.php +++ b/tests/ReferenceContextTest.php @@ -183,6 +183,10 @@ public function normalizeUriProvider() '/var/www/api/../definitions.yaml#/components/Pet', 'file:///var/www/definitions.yaml#/components/Pet', ], + [ + '/var/www/api/foo/../../definitions.yaml#/components/Pet', + 'file:///var/www/definitions.yaml#/components/Pet', + ], ]; return $data; From 9c08ebec49d3f57da59a91d3feecf769b6b531c2 Mon Sep 17 00:00:00 2001 From: m-yamagishi Date: Tue, 12 Jan 2021 23:07:53 +0900 Subject: [PATCH 2/2] fix ReferenceContext with multiple dots #94 --- src/ReferenceContext.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/ReferenceContext.php b/src/ReferenceContext.php index 3d824a63..bde0a964 100644 --- a/src/ReferenceContext.php +++ b/src/ReferenceContext.php @@ -115,14 +115,16 @@ private function reduceDots($path) { $parts = explode('/', ltrim($path, '/')); $c = count($parts); + $parentOffset = 1; for ($i = 0; $i < $c; $i++) { if ($parts[$i] === '.') { unset($parts[$i]); continue; } - if ($i > 0 && $parts[$i] === '..' && $parts[$i-1] !== '..') { - unset($parts[$i-1]); + if ($i > 0 && $parts[$i] === '..' && $parts[$i - $parentOffset] !== '..') { + unset($parts[$i - $parentOffset]); unset($parts[$i]); + $parentOffset += 2; } } return '/'.implode('/', $parts);