github/overleaf
1
0
Fork 0
mirror of https://github.com/overleaf/overleaf.git synced 2024-11-21 20:47:08 -05:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #285 from sharelatex/file-path-checks

Browse source 
add file path check on element names
This commit is contained in:
Henry Oswald 2016-07-22 13:54:05 +01:00 committed by GitHub
commit 8492ea7d28
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
services/web/app/coffee/Features/Project/ProjectEntityHandler.coffee
View file

@ -512,6 +512,11 @@ module.exports = ProjectEntityHandler =
return callback(e)
type = sanitizeTypeOfElement type
if path.resolve("/", element.name) isnt "/#{element.name}" or element.name.match("/")
e = new Error("invalid element name")
logger.err project_id:project._id, folder_id:folder_id, element:element, type:type, "failed trying to insert element as name was invalid"
return callback(e)
if !folder_id?
folder_id = project.rootFolder[0]._id
ProjectEntityHandler._countElements project, (err, count)->