feat(security): use bcrypt hashes and safe paths for boxes
- Replace legacy salted password hashing with bcrypt and store hash alg - Accept existing bcrypt hashes while keeping legacy verification fallback - Validate box IDs and use SafeChildPath for box/file operations to prevent traversal - Refactor download flow to share zip writer logic and correctly handle one-time deletes and optional renew-on-download only after a successful zip writefeat(security): use bcrypt hashes and safe paths for boxes - Replace legacy salted password hashing with bcrypt and store hash alg - Accept existing bcrypt hashes while keeping legacy verification fallback - Validate box IDs and use SafeChildPath for box/file operations to prevent traversal - Refactor download flow to share zip writer logic and correctly handle one-time deletes and optional renew-on-download only after a successful zip write
This commit is contained in:
20
lib/helpers/paths_test.go
Normal file
20
lib/helpers/paths_test.go
Normal file
@@ -0,0 +1,20 @@
|
||||
package helpers
|
||||
|
||||
import (
|
||||
"path/filepath"
|
||||
"testing"
|
||||
)
|
||||
|
||||
func TestSafeChildPathRejectsTraversalAndAbsolutePaths(t *testing.T) {
|
||||
parent := filepath.Join(t.TempDir(), "parent")
|
||||
|
||||
if _, ok := SafeChildPath(parent, "../outside.txt"); ok {
|
||||
t.Fatal("expected traversal to be rejected")
|
||||
}
|
||||
if _, ok := SafeChildPath(parent, filepath.Join(string(filepath.Separator), "tmp", "outside.txt")); ok {
|
||||
t.Fatal("expected absolute path to be rejected")
|
||||
}
|
||||
if path, ok := SafeChildPath(parent, "inside.txt"); !ok || path != filepath.Join(parent, "inside.txt") {
|
||||
t.Fatalf("expected safe child path, got path=%q ok=%v", path, ok)
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user