more validation for containerName and blobKey to avoid access escape

Author: jixinchi

apis/filesystem/src/main/java/org/jclouds/filesystem/predicates/validators/internal/FilesystemBlobKeyValidatorImpl.java

@@ -38,6 +38,8 @@ public void validate(String name) throws IllegalArgumentException {
         //blobkey cannot start with / (or \ in Windows) character
         if (name.startsWith("\\") || name.startsWith("/"))
             throw new IllegalArgumentException("Blob key '" + name + "' cannot start with \\ or /");
+        if (name.contains("../"))
+            throw new IllegalArgumentException("Blob key '" + name + "' cannot contains ../");
     }
 
 }

apis/filesystem/src/main/java/org/jclouds/filesystem/predicates/validators/internal/FilesystemContainerNameValidatorImpl.java

@@ -38,6 +38,8 @@ public void validate(String name) throws IllegalArgumentException {
         //container name cannot contains / (or \ in Windows) character
         if (name.contains("\\") || name.contains("/"))
             throw new IllegalArgumentException("Container name '" + name + "' cannot contain \\ or /");
+        if (name.equals(".") || name.equals(".."))
+            throw new IllegalArgumentException("Container name cannot be . or ..");
     }
 
 }

apis/filesystem/src/main/java/org/jclouds/filesystem/strategy/internal/FilesystemStorageStrategyImpl.java

@@ -187,6 +187,7 @@ public boolean createContainerInLocation(String container, Location location, Cr
 
    @Override
    public ContainerAccess getContainerAccess(String container) {
+      filesystemContainerNameValidator.validate(container);
       File file = new File(buildPathStartingFromBaseDir(container));
       if (!file.exists()) {
          throw new ContainerNotFoundException(container, "in getContainerAccess");
@@ -217,6 +218,7 @@ public ContainerAccess getContainerAccess(String container) {
 
    @Override
    public void setContainerAccess(String container, ContainerAccess access) {
+      filesystemContainerNameValidator.validate(container);
       Path path = new File(buildPathStartingFromBaseDir(container)).toPath();
 
       if ( isWindows() ) {
@@ -310,6 +312,7 @@ else if (object.isDirectory() && (optsPrefix.endsWith(File.separator) || isNullO
 
    @Override
    public StorageMetadata getContainerMetadata(String container) {
+      filesystemContainerNameValidator.validate(container);
       MutableStorageMetadata metadata = new MutableStorageMetadataImpl();
       metadata.setName(container);
       metadata.setType(StorageType.CONTAINER);
@@ -378,6 +381,8 @@ public String apply(String string) {
 
    @Override
    public Blob getBlob(final String container, final String key) {
+      filesystemContainerNameValidator.validate(container);
+      filesystemBlobKeyValidator.validate(key);
       BlobBuilder builder = blobBuilders.get();
       builder.name(key);
       File file = getFileForBlobKey(container, key);
@@ -658,6 +663,8 @@ public void removeBlob(final String container, final String blobKey) {
 
    @Override
    public BlobAccess getBlobAccess(String containerName, String blobName) {
+      filesystemContainerNameValidator.validate(containerName);
+      filesystemBlobKeyValidator.validate(blobName);
       if (!new File(buildPathStartingFromBaseDir(containerName)).exists()) {
          throw new ContainerNotFoundException(containerName, "in getBlobAccess");
       }
@@ -691,6 +698,8 @@ public BlobAccess getBlobAccess(String containerName, String blobName) {
 
    @Override
    public void setBlobAccess(String container, String name, BlobAccess access) {
+      filesystemContainerNameValidator.validate(container);
+      filesystemBlobKeyValidator.validate(name);
       Path path = new File(buildPathStartingFromBaseDir(container, name)).toPath();
       if ( isWindows() ) {
          try {