chore: use methods in stdlib instead

Signed-off-by: xliao <[email protected]>
suzaku · Aug 15, 2023 · 6823b1e · 6823b1e
1 parent 94b986d
commit 6823b1e
Showing 1 changed file with 2 additions and 10 deletions.
diff --git a/util/security/path_traversal.go b/util/security/path_traversal.go
@@ -10,11 +10,11 @@ import (
 // `requestedPath` must be absolute paths. They may contain any number of `./` or `/../` dir changes.
 func EnforceToCurrentRoot(currentRoot, requestedPath string) (string, error) {
 	currentRoot = filepath.Clean(currentRoot)
-	requestedDir, requestedFile := parsePath(requestedPath)
+	requestedDir, requestedFile := filepath.Split(filepath.Clean(requestedPath))
 	if !isRequestedDirUnderCurrentRoot(currentRoot, requestedDir) {
 		return "", fmt.Errorf("requested path %s should be on or under current directory %s", requestedPath, currentRoot)
 	}
-	return requestedDir + string(filepath.Separator) + requestedFile, nil
+	return filepath.Join(requestedDir, requestedFile), nil
 }
 
 func isRequestedDirUnderCurrentRoot(currentRoot, requestedPath string) bool {
@@ -31,11 +31,3 @@ func isRequestedDirUnderCurrentRoot(currentRoot, requestedPath string) bool {
 	}
 	return strings.HasPrefix(requestedPath, currentRoot)
 }
-
-func parsePath(path string) (string, string) {
-	directory := filepath.Dir(path)
-	if directory == path {
-		return directory, ""
-	}
-	return directory, filepath.Base(path)
-}