Skip to main content

PathValidator

agent_diva_core::security::path

Struct PathValidator

pub struct PathValidator;

Expand description

Validates paths against security threats

Implementations§

impl PathValidator

pub fn contains_null_bytes(path: &str) -> bool

Layer 1: Check for null bytes

pub fn contains_path_traversal(path: &str) -> bool

Layer 2: Check for path traversal components (../)

pub fn contains_url_encoded_traversal(path: &str) -> bool

Layer 3: Check for URL-encoded traversal

pub fn starts_with_tilde(path: &str) -> bool

Layer 4: Check for tilde expansion (~user)

pub fn is_absolute(path: &str) -> bool

Layer 5: Check if path is absolute

pub fn matches_forbidden_prefix( path: &str, forbidden: &[String], ) -> Option<String>

Layer 6: Check against forbidden path prefixes

pub fn normalize_path(path: &str) -> String

Normalize a path for comparison

pub fn is_within_allowed_roots( resolved: &Path, allowed_roots: &[PathBuf], ) -> bool

Check if a resolved path is within allowed roots

pub async fn validate_no_symlink_escape( path: &Path, workspace: &Path, ) -> Result<(), String>

Validate that a path doesn’t escape the workspace via symlinks

pub fn get_extension(path: &str) -> Option<String>

Get the file extension from a path

pub fn is_extension_forbidden(ext: &str, forbidden: &[String]) -> bool

Check if an extension is in the forbidden list

pub fn sanitize_component(component: &str) -> String

Sanitize a path component for safe use

Auto Trait Implementations§

impl Freeze for PathValidator

impl RefUnwindSafe for PathValidator

impl Send for PathValidator

impl Sync for PathValidator

impl Unpin for PathValidator

impl UnsafeUnpin for PathValidator

impl UnwindSafe for PathValidator

Blanket Implementations§

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T> Instrument for T

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> IntoEither for T

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more

impl<T> Same for T

type Output = T

Should always be Self

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<T> WithSubscriber for T

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more