Prevent information about file existence outside the allowed paths to leak by mimicing boost::filesystem::weakly_canonical.

2 files changed, 25 insertions, 0 deletions

diff --git a/libdevcore/CommonIO.cpp b/libdevcore/CommonIO.cpp
index 6526baf9..0063a8d4 100644
--- a/libdevcore/CommonIO.cpp
+++ b/libdevcore/CommonIO.cpp
@@ -167,3 +167,23 @@ int dev::readStandardInputChar()
 	DisableConsoleBuffering disableConsoleBuffering;
 	return cin.get();
 }
+
+boost::filesystem::path dev::weaklyCanonicalFilesystemPath(boost::filesystem::path const &_path)
+{
+	if (boost::filesystem::exists(_path))
+		return boost::filesystem::canonical(_path);
+	else
+	{
+		boost::filesystem::path head(_path);
+		boost::filesystem::path tail;
+		for (auto it = --_path.end(); !head.empty(); --it)
+		{
+			if (boost::filesystem::exists(head))
+				break;
+			tail = (*it) / tail;
+			head.remove_filename();
+		}
+		head = boost::filesystem::canonical(head);
+		return head / tail;
+	}
+}
diff --git a/libdevcore/CommonIO.h b/libdevcore/CommonIO.h
index 3ecdb4c3..9ba68e74 100644
--- a/libdevcore/CommonIO.h
+++ b/libdevcore/CommonIO.h
@@ -25,6 +25,7 @@
 
 #include <sstream>
 #include <string>
+#include <boost/filesystem.hpp>
 #include "Common.h"
 
 namespace dev
@@ -57,4 +58,8 @@ std::string toString(_T const& _t)
 	return o.str();
 }
 
+/// Partial implementation of boost::filesystem::weakly_canonical (available in boost>=1.60).
+/// Should be replaced by the boost implementation as soon as support for boost<1.60 can be dropped.
+boost::filesystem::path weaklyCanonicalFilesystemPath(boost::filesystem::path const &_path);
+
 }