validate_path

Function validate_path 

pub fn validate_path(
    path: &Path,
    dest: &DestDir,
    config: &SecurityConfig,
) -> Result<SafePath>

Validates that a path does not contain traversal attempts.

This function delegates to SafePath::validate(), which performs comprehensive validation, including:

  • Null byte detection
  • Absolute path rejection (unless allowed)
  • Parent directory traversal (..) detection
  • Path depth limiting
  • Banned component checking
  • Path normalization
  • Destination boundary verification

§Performance

  • For non-existing paths: ~300-500 ns (no I/O syscalls)
  • For existing paths: ~5-50 μs (involves canonicalize() syscalls)

§Errors

Returns an error if the path fails validation:

  • ExtractionError::PathTraversal for .. or absolute paths
  • ExtractionError::SecurityViolation for banned components or excessive depth

§Examples

use exarch_core::SecurityConfig;
use exarch_core::security::validate_path;
use exarch_core::types::DestDir;
use std::path::Path;
use std::path::PathBuf;

let dest = DestDir::new(PathBuf::from("/tmp"))?;
let config = SecurityConfig::default();

// Valid path
let path = Path::new("foo/bar.txt");
let safe_path = validate_path(path, &dest, &config)?;

// Path traversal is rejected
let path = Path::new("../etc/passwd");
assert!(validate_path(path, &dest, &config).is_err());
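
The checks listed above can be illustrated with a standard-library-only sketch. This is an added example, not exarch_core's implementation: `check_entry`, `Policy` and `Reject` are hypothetical names, absolute paths are always rejected, and the check is purely lexical, so it omits the canonicalize() step the Performance section mentions for existing paths.

```rust
use std::path::{Component, Path, PathBuf};

// Hypothetical types for this sketch; not exarch_core's ExtractionError or SecurityConfig.
#[derive(Debug, PartialEq)]
enum Reject { NullByte, Absolute, ParentDir, TooDeep, Banned(String), OutsideDest }

struct Policy<'a> { max_depth: usize, banned: &'a [&'a str] }

/// Purely lexical check: no filesystem access, so symlinks are not resolved here.
fn check_entry(entry: &str, dest: &Path, policy: &Policy) -> Result<PathBuf, Reject> {
    // An embedded NUL would truncate the name once it reaches a C-string syscall.
    if entry.contains('\0') {
        return Err(Reject::NullByte);
    }
    let mut rel = PathBuf::new();
    let mut depth = 0usize;
    for comp in Path::new(entry).components() {
        match comp {
            // components() already collapses "//" and interior "."; a leading "." is dropped here.
            Component::CurDir => {}
            Component::ParentDir => return Err(Reject::ParentDir),
            Component::RootDir | Component::Prefix(_) => return Err(Reject::Absolute),
            Component::Normal(name) => {
                let name_str = name.to_string_lossy();
                if policy.banned.iter().any(|b| *b == &*name_str) {
                    return Err(Reject::Banned(name_str.into_owned()));
                }
                depth += 1;
                if depth > policy.max_depth {
                    return Err(Reject::TooDeep);
                }
                rel.push(name);
            }
        }
    }
    // Boundary check on the joined result, kept as a last line of defence.
    let joined = dest.join(&rel);
    if !joined.starts_with(dest) {
        return Err(Reject::OutsideDest);
    }
    Ok(joined)
}

fn main() {
    let dest = Path::new("/tmp/out"); // constructed destination
    let policy = Policy { max_depth: 3, banned: &[".git"] };
    // Constructed archive entry names.
    for entry in ["foo/./bar.txt", "../etc/passwd", "/etc/passwd", "x/.git/config", "a/b/c/d"] {
        println!("{entry:?} -> {:?}", check_entry(entry, dest, &policy));
    }
}
```

Because nothing here touches the filesystem, a symlink already present under the destination is not detected; that is the case a canonicalize()-based boundary check covers.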