diff options
author | Christian Heimes <christian@python.org> | 2015-10-01 13:30:13 +0200 |
---|---|---|
committer | Simo Sorce <simo@redhat.com> | 2015-10-19 12:17:58 -0400 |
commit | 785fc87f38b4811bc4ce43a0a9b2267ee7d500b4 (patch) | |
tree | cd8fac0416065cb5451311b354f25362ff632767 /tests | |
parent | 0ca07419bbc2c4e499b4c37d2183d82b2640e816 (diff) | |
download | custodia-785fc87f38b4811bc4ce43a0a9b2267ee7d500b4.tar.gz custodia-785fc87f38b4811bc4ce43a0a9b2267ee7d500b4.tar.xz custodia-785fc87f38b4811bc4ce43a0a9b2267ee7d500b4.zip |
etcdstore: prevent path traversal attacks
A new internal method _absolute_key() is used to join key name and name
space. etcd treats the key space like a file system so the method checks
the key for '//', '.', and '..' to prevent invalid paths and path traversal
attacks.
Signed-off-by: Christian Heimes <cheimes@redhat.com>
Signed-off-by: Simo Sorce <simo@redhat.com>
Diffstat (limited to 'tests')
0 files changed, 0 insertions, 0 deletions