fix to disallow invalid characters in filenames

Signed-off-by: Amber Torrise <[email protected]>
zowe · Oct 19, 2023 · 8aacd85 · 8aacd85
1 parent 0dbd9a4
commit 8aacd85
Showing 1 changed file with 32 additions and 0 deletions.
diff --git a/src/cli/download/data-set/DataSet.Handler.ts b/src/cli/download/data-set/DataSet.Handler.ts
@@ -14,14 +14,46 @@ import { FTPBaseHandler } from "../../../FTPBase.Handler";
 import { IFTPHandlerParams } from "../../../IFTPHandlerParams";
 import { FTPProgressHandler } from "../../../FTPProgressHandler";
 import { DataSetUtils, TRANSFER_TYPE_ASCII, TRANSFER_TYPE_ASCII_RDW, TRANSFER_TYPE_BINARY, TRANSFER_TYPE_BINARY_RDW } from "../../../api";
+import { ImperativeError } from "@zowe/imperative";
 
+function isValidFileName(fileName: string) {
+    //to prevent magic number eslint errors
+    const iso8859_1_start_first = 32; // first valid code point for first chunk of valid characters in the ISO/IEC 8859-1 table
+    const iso8859_1_end_first = 127;
+    const iso8859_1_start_second = 160; //second chunk of valid characters
+    const iso8859_1_end_second = 255;
+    const binary = 2;
+    const hexadecimal = 16;
+
+    const unicodeString = fileName.split('').map(char => `U+${char.charCodeAt(0).toString(hexadecimal).toUpperCase()}`).join(' ');
+    const codePoints = unicodeString.split(' ');
+
+    for (const codePoint of codePoints) {
+        // Extract the decimal representation from the code point (e.g., ☻ = U+263B => 9787)
+        const decimalRepresentation = parseInt(codePoint.substring(binary), hexadecimal);
+
+        // Check if the code point is in the range of valid characters (valid numbers deduced from https://en.wikipedia.org/wiki/ISO/IEC_8859-1)
+        if ((decimalRepresentation >= iso8859_1_start_first && decimalRepresentation <= iso8859_1_end_first) ||
+            (decimalRepresentation >= iso8859_1_start_second && decimalRepresentation <= iso8859_1_end_second))
+        {
+            // If any invalid code point is found, return false
+            return false;
+        }
+    }
+    return true;
+}
 export default class DownloadDataSetHandler extends FTPBaseHandler {
     public async processFTP(params: IFTPHandlerParams): Promise<void> {
 
         const file = params.arguments.file == null ?
             ZosFilesUtils.getDirsFromDataSet(params.arguments.dataSet) :
             params.arguments.file;
 
+        // Validate the file name before proceeding
+        if (!isValidFileName(file)) {
+            throw new ImperativeError({msg: "Invalid file name. Please check the file name for typos."});
+        }
+
         let progress;
         if (params.response && params.response.progress) {
             progress = new FTPProgressHandler(params.response.progress, true);