diff options
| author |  Esther Goldberg <[email protected]> | 2024-04-09 09:57:57 -0400 |
|---|---|---|
| committer |  GitHub <[email protected]> | 2024-04-09 13:57:57 +0000 |
| commit | 5b606b143c3fb9c5641ec6bc0d728ebe2f800dee (patch) | |
| tree | 79b09e5d0068eab186e7d4beb1f600bca1eb9064 | |
| parent | Merge pull request #204 from python-discord/dependabot/docker/docker-dependen... (diff) | |
Raise error if attachment pathname contains invalid bytes (#209)
| -rw-r--r-- | snekbox/nsjail.py | 6 | ||||
| -rw-r--r-- | snekbox/snekio/attachment.py | 9 | ||||
| -rw-r--r-- | tests/test_nsjail.py | 14 |
3 files changed, 29 insertions, 0 deletions
diff --git a/snekbox/nsjail.py b/snekbox/nsjail.py index dc09393..0d5e3c6 100644 --- a/snekbox/nsjail.py +++ b/snekbox/nsjail.py @@ -14,6 +14,7 @@ from snekbox.config_pb2 import NsJailConfig from snekbox.limits.timed import time_limit from snekbox.result import EvalError, EvalResult from snekbox.snekio import FileAttachment, MemFS +from snekbox.snekio.errors import IllegalPathError from snekbox.snekio.filesystem import Size from snekbox.utils.iter import iter_lstrip @@ -244,6 +245,11 @@ class NsJail: except TimeoutError as e: log.info(f"Exceeded time limit while parsing attachments: {e}") raise EvalError("TimeoutError: Exceeded time limit while parsing attachments") from e + except IllegalPathError as e: + log.info(f"Invalid bytes in filename while parsing attachments: {e}") + raise EvalError( + "FileParsingError: invalid bytes in filename while parsing attachments" + ) from e except Exception as e: log.exception(f"Unexpected {type(e).__name__} while parse attachments", exc_info=e) raise EvalError("FileParsingError: Unknown error while parsing attachments") from e diff --git a/snekbox/snekio/attachment.py b/snekbox/snekio/attachment.py index 73e26b8..72426e5 100644 --- a/snekbox/snekio/attachment.py +++ b/snekbox/snekio/attachment.py @@ -67,8 +67,17 @@ class FileAttachment: Args: file: The file to attach. relative_to: The root for the path name. + Raises: + IllegalPathError: If path name contains characters that can't be encoded in UTF-8 """ path = file.relative_to(relative_to) if relative_to else file + + # Disallow filenames with chars that can't be encoded in UTF-8 + try: + str(path).encode("utf-8") + except UnicodeEncodeError as e: + raise IllegalPathError("File paths may not contain invalid byte sequences") from e + return cls(str(path), file.read_bytes()) @property diff --git a/tests/test_nsjail.py b/tests/test_nsjail.py index d54d31b..dde20bc 100644 --- a/tests/test_nsjail.py +++ b/tests/test_nsjail.py @@ -250,6 +250,20 @@ class NsJailTests(unittest.TestCase): ) self.assertEqual(result.stderr, None) + def test_filename_encoding_illegal_chars(self): + code = dedent( + r""" + with open(b"\xC3.txt", "w") as f: + f.write("test") + """ + ).strip() + result = self.eval_file(code) + self.assertEqual(result.returncode, None) + self.assertEqual( + result.stdout, "FileParsingError: invalid bytes in filename while parsing attachments" + ) + self.assertEqual(result.stderr, None) + def test_file_parsing_depth_limit(self): code = dedent( """ |