From 83be3c93b15757e2b3aa7eb96424713fb1842806 Mon Sep 17 00:00:00 2001
From: Varun Patil <varunpatil@ucla.edu>
Date: Sun, 16 Apr 2023 15:58:11 -0700
Subject: [PATCH] sec: better path sanitization

Signed-off-by: Varun Patil <varunpatil@ucla.edu>
---
 lib/Controller/ArchiveController.php |  2 +-
 lib/Db/FsManager.php                 |  4 ++--
 lib/Exif.php                         | 12 +++---------
 3 files changed, 6 insertions(+), 12 deletions(-)

diff --git a/lib/Controller/ArchiveController.php b/lib/Controller/ArchiveController.php
index 51c393d7..aafd0662 100644
--- a/lib/Controller/ArchiveController.php
+++ b/lib/Controller/ArchiveController.php
@@ -134,7 +134,7 @@ class ArchiveController extends GenericApiController
             } else {
                 // file not in archive, put it in there
                 $af = \OCA\Memories\Util::$ARCHIVE_FOLDER;
-                $destinationPath = Exif::removeExtraSlash($af.$relativeFilePath);
+                $destinationPath = Exif::sanitizePath($af.$relativeFilePath);
             }
 
             // Remove the filename
diff --git a/lib/Db/FsManager.php b/lib/Db/FsManager.php
index cc0fdec9..8c92ec37 100644
--- a/lib/Db/FsManager.php
+++ b/lib/Db/FsManager.php
@@ -103,13 +103,13 @@ class FsManager
 
         try {
             if (null !== $folderPath) {
-                $folder = $userFolder->get(Exif::removeExtraSlash($folderPath));
+                $folder = $userFolder->get(Exif::sanitizePath($folderPath));
                 $root->addFolder($folder);
             } else {
                 // Get timeline paths
                 $paths = Exif::getTimelinePaths($uid);
                 if ($path = $this->request->getParam('timelinePath', null)) {
-                    $paths = [Exif::removeExtraSlash($path)];
+                    $paths = [Exif::sanitizePath($path)];
                 }
 
                 // Combined etag, for cache invalidation.
diff --git a/lib/Exif.php b/lib/Exif.php
index d65448b0..835248bf 100644
--- a/lib/Exif.php
+++ b/lib/Exif.php
@@ -81,15 +81,9 @@ class Exif
      */
     public static function sanitizePath(string $path)
     {
-        return mb_ereg_replace('([^\\w\\s\\d\\-_~,;:!@#$&*{}\[\]\'\\[\\]\\(\\).\\\/])', '', $path);
-    }
-
-    /**
-     * Keep only one slash if multiple repeating.
-     */
-    public static function removeExtraSlash(string $path)
-    {
-        return mb_ereg_replace('\/\/+', '/', $path);
+        $path = mb_ereg_replace('([^\\w\\s\\d\\-_~,;:!@#$&*{}\[\]\'\\[\\]\\(\\).\\\/])', '', $path);
+        $path = mb_ereg_replace('\/\/+', '/', $path); // remove extra slashes
+        return $path;
     }
 
     /**