Will have to investigate (this will take time). Since you say you have unit
tests the reproduce the problem, you can debug the code and see exactly why it
happens. I recommend you do it with the source code for 1.2 which is the latest
one. Once you find the problem, please re-open SSHD-601 and attache the patch...
> Date: Mon, 11 Apr 2016 09:20:15 -0700
> Subject: Re: VirtualFileSystem able to mkdir and chdir to non rooted directory
> From: a...@linkedin.com.INVALID
> To: dev@mina.apache.org
>
> Thanks Elijah, I should have stated that I'm using version 1.1.0 on El
> Capitan v 10.11.3:
>
> $ md5 sshd-core-1.1.0.jar
> MD5 (sshd-core-1.1.0.jar) = 6e94f5cd80de88ddaaa80bb2ff3fa793
>
> I've written some unit tests (that's how I discovered the issue) on our end
> here to check to see that an InvalidPathException is thrown using the code
> above (it can be cleaned up, but is mostly the same).
>
> Maybe my version is out of date or there is still an issue?
>
> On Sat, Apr 9, 2016 at 12:45 AM, elijah baley <e_ba...@outlook.com> wrote:
>
> > This has been fixed in version 1.1 and up via SSHD-605
> >
> > > Date: Fri, 8 Apr 2016 15:48:10 -0700
> > > Subject: VirtualFileSystem able to mkdir and chdir to non rooted
> > directory
> > > From: a...@linkedin.com.INVALID
> > > To: dev@mina.apache.org
> > >
> > > Hi SSHD team,
> > >
> > > Not sure if this is a bug or not, but when I instantiate a new FileSystem
> > > using the VirtualFileSystemFactory and RootedFileSystemProvider, as a
> > user
> > > on the box, I am able to mkdir and get/put files in parent (i.e.
> > > non-subpath) paths of the supposed "root" if I do something like
> > >
> > > sftp> pwd
> > > Remote working directory: /
> > >
> > > $ put ../thisismyfile
> > >
> > > It seems like the resolveLocalPath which is supposed to throw an
> > > InvalidPathException if the path is not a proper subpath of the rooted
> > file
> > > system needs to normalize the path in addition to doing it's nullity
> > > checks. I was able to prevent this behavior by doing something like
> > this,
> > > but not sure if this is the best approach.
> > >
> > > Any guidance/explanation would be appreciated. Thanks.
> > >
> > > public class FixedRootedFileSystemProvider extends
> > RootedFileSystemProvider {
> > >
> > > private static final Logger LOG =
> > > LoggerFactory.getLogger(FixedRootedFileSystemProvider.class);
> > >
> > > public FixedRootedFileSystemProvider() { super(); }
> > >
> > > @Override
> > > protected Path resolveLocalPath(RootedPath path) {
> > > Path resolvedLocalPath = super.resolveLocalPath(path);
> > > return validateParent(path, resolvedLocalPath);
> > > }
> > >
> > > private Path validateParent(RootedPath path, Path localPath) throws
> > > InvalidPathException {
> > > RootedFileSystem rfs = path.getFileSystem();
> > > Path root = rfs.getRoot();
> > >
> > > if
> > (!localPath.toAbsolutePath().normalize().startsWith(root.toAbsolutePath().normalize()))
> > > { //i.e. is not a REAL subpath
> > > LOG.info("{} is not a subpath of the root FS path " +
> > > root.toAbsolutePath().normalize(),
> > > localPath.toAbsolutePath().normalize());
> > > throw new InvalidPathException(localPath.toString(), "Invalid
> > path");
> > > }
> > > return localPath;
> > > }
> > > }
> >
> >
