strict-path 0.2.1

Secure path handling for untrusted input. Prevents directory traversal, symlink escapes, and 19+ real-world CVE attack patterns.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57

#[cfg(windows)]
use std::path::Path;

#[cfg(windows)]
#[test]
fn anchored_canonicalize_missing_backslash_regression() {
    // Recreate conditions that previously produced a malformed verbatim drive path
    // of the form "\\\\?\\C:Users\\..." (missing a backslash after the drive colon).
    // We call soft_canonicalize::anchored_canonicalize directly to capture the raw output
    // (our crate wraps this with a normalization guard).

    let tmp = tempfile::tempdir().unwrap();
    let anchor = std::fs::canonicalize(tmp.path()).unwrap();
    // Candidate with a leading root (absolute-like in virtual semantics)
    let candidate = Path::new("/data/dir");

    let raw = soft_canonicalize::anchored_canonicalize(&anchor, candidate)
        .expect("anchored canonicalize should succeed");
    let s = raw.to_string_lossy();

    // Detect malformed verbatim drive form: "\\\\?\\<Drive>:<not a backslash>..."
    let mut observed_bug = false;
    if let Some(rest) = s.strip_prefix(r"\\?\") {
        let b = rest.as_bytes();
        if b.len() >= 3 && (b[0] as char).is_ascii_alphabetic() && b[1] == b':' {
            // If bug exists, b[2] will not be a backslash
            if b[2] != b'\\' && b[2] != b'/' {
                observed_bug = true;
            }
        }
    }

    // Fail the test if the upstream bug is present so it can be tracked visibly.
    assert!(
        !observed_bug,
        "soft-canonicalize::anchored_canonicalize returned malformed verbatim drive path: raw='{s}'"
    );

    // Regardless of upstream behavior, our wrapper must normalize to a correct form.
    // Call through our normalized wrapper and assert the result has a backslash after the colon.
    let test_dir: crate::PathBoundary = crate::PathBoundary::try_new(tmp.path()).unwrap();
    let anchored = crate::validator::path_history::PathHistory::new(candidate.to_path_buf())
        .canonicalize_anchored(&test_dir)
        .expect("normalized anchored canonicalize must succeed");
    let fixed = anchored.to_string_lossy();
    if let Some(rest) = fixed.strip_prefix(r"\\?\") {
        let b = rest.as_bytes();
        if b.len() >= 3 && (b[0] as char).is_ascii_alphabetic() && b[1] == b':' {
            assert_eq!(
                b[2], b'\\',
                "normalized path must have backslash after drive colon: {fixed}"
            );
        }
    }

    // Additional safety: ensure normalized path is correct when not failing above.
}