A convenience function to call from all darcs command functions before applying any patches. It checks for malicious paths in patches, and prints an error message and fails if it finds one.
Filter out patches that contains some malicious file path
What is a malicious path?
A spoofed path is a malicious path.
- Darcs only creates explicitly relative paths (beginning with
"./"), so any not explicitly relative path is surely spoofed.
- Darcs normalizes paths so they never contain
"/../", so paths with
"/../"are surely spoofed.
A path to a darcs repository's meta data can modify "trusted" patches or
change safety defaults in that repository, so we check for paths
"/_darcs/" which is the entry to darcs meta data.
- How about get repositories?
- Would it be worth adding a --semi-safe-paths option for allowing changes to certain preference files (_darcs/prefs/) in sub repositories'?