thevar1able/ClickHouse
1
0
Fork 0
mirror of https://github.com/ClickHouse/ClickHouse.git synced 2024-11-28 02:21:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #57029 from ClickHouse/fix_DatabaseFilesystem_path_validation

Browse Source 
Fix file path validation for DatabaseFileSystem
This commit is contained in:
Raúl Marín 2023-11-22 09:19:19 +01:00 committed by GitHub
commit a1bb31525a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/Databases/DatabaseFilesystem.cpp
View File

@ -40,13 +40,15 @@ DatabaseFilesystem::DatabaseFilesystem(const String & name_, const String & path
{
path = user_files_path / path;
}
else if (!is_local && !pathStartsWith(fs::path(path), user_files_path))
path = fs::absolute(path).lexically_normal();
if (!is_local && !pathStartsWith(fs::path(path), user_files_path))
{
throw Exception(ErrorCodes::BAD_ARGUMENTS,
"Path must be inside user-files path: {}", user_files_path.string());
}
path = fs::absolute(path).lexically_normal();
if (!fs::exists(path))
throw Exception(ErrorCodes::BAD_ARGUMENTS, "Path does not exist: {}", path);
}

0
tests/queries/0_stateless/02921_database_filesystem_path_check.reference Normal file
View File

2
tests/queries/0_stateless/02921_database_filesystem_path_check.sql Normal file
View File

@ -0,0 +1,2 @@
create database db_filesystem ENGINE=Filesystem('/etc'); -- { serverError BAD_ARGUMENTS }
create database db_filesystem ENGINE=Filesystem('../../../../../../../../etc'); -- { serverError BAD_ARGUMENTS }