crepuscularity-core 0.4.7

Parser, AST, and expression evaluation for the Crepuscularity .crepus DSL (UNSTABLE; in active development).
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64

//! Safe resolution of `include` paths relative to a template `base_dir`.

use std::path::{Path, PathBuf};

/// Resolve an `include` path, rejecting escapes outside `base_dir`.
///
/// On native targets, paths are canonicalized and must stay under the canonical
/// base directory when one is set. On `wasm32`, only syntactic checks run and the
/// joined candidate path is returned (virtual bundles have no real filesystem).
pub fn resolve_include_path(base_dir: Option<&Path>, path: &str) -> Result<PathBuf, String> {
    let requested = Path::new(path);
    if requested.has_root()
        || requested.components().any(|c| {
            matches!(
                c,
                std::path::Component::ParentDir | std::path::Component::Prefix(_)
            )
        })
    {
        return Err(format!("include path outside base dir: {path}"));
    }

    let candidate = if let Some(base) = base_dir {
        base.join(requested)
    } else {
        requested.to_path_buf()
    };

    #[cfg(not(target_arch = "wasm32"))]
    {
        let resolved = std::fs::canonicalize(&candidate).unwrap_or(candidate);
        if let Some(base) = base_dir {
            if let Ok(base) = std::fs::canonicalize(base) {
                if !resolved.starts_with(&base) {
                    return Err(format!("include path outside base dir: {path}"));
                }
            }
        }
        Ok(resolved)
    }

    #[cfg(target_arch = "wasm32")]
    {
        Ok(candidate)
    }
}

#[cfg(test)]
mod tests {
    use super::resolve_include_path;

    #[test]
    fn include_path_rejects_parent_dir() {
        let err = resolve_include_path(None, "../secret.crepus").unwrap_err();
        assert!(err.contains("include path outside base dir"));
    }

    #[test]
    fn include_path_rejects_absolute_path() {
        let path = std::env::temp_dir().join("secret.crepus");
        let err = resolve_include_path(None, path.to_str().unwrap()).unwrap_err();
        assert!(err.contains("include path outside base dir"));
    }
}