import java.io.File;
import java.util.regex.Pattern;
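class DirectorySanitizer {

    /**
     * Characters that cause the input to be rejected: the wildcard, redirection and quote
     * characters from the original denylist, plus NUL.
     */
    private static final Pattern FORBIDDEN_CHARS = Pattern.compile("[<>\"?*\\x00]");

    /**
     * Both separator styles are treated as separators when looking for ".." segments,
     * regardless of the host OS. This is deliberately conservative.
     */
    private static final Pattern SEPARATORS = Pattern.compile("[/\\\\]");

    /**
     * Validates a directory path supplied by an untrusted caller.
     *
     * <p>The path is rejected, never rewritten. Stripping characters out of a path changes
     * which file it names: the previous implementation removed every {@code /}, so
     * {@code /path/to/dir} became {@code pathtodir}, and removing ".." silently turned a
     * traversal attempt into a different but accepted path.
     *
     * <p>Limits of this check, which callers must cover themselves:
     * <ul>
     *   <li>It does not confine the path to a base directory; absolute paths are accepted.
     *       To restrict access to a subtree, resolve the input against a trusted base and
     *       compare canonical paths.</li>
     *   <li>Symbolic links are not resolved.</li>
     *   <li>The directory test is a point-in-time check; the filesystem may change before
     *       the caller uses the returned path.</li>
     * </ul>
     *
     * @param input The directory path to validate.
     * @return {@code input} unchanged if it passes validation and names an existing
     *         directory; {@code null} if it is null, blank, contains a forbidden character,
     *         contains a ".." segment, or does not name an existing directory.
     */
    public static String sanitizeDirectory(String input) {
        if (input == null || input.trim().isEmpty()) {
            return null;
        }
        if (FORBIDDEN_CHARS.matcher(input).find()) {
            return null;
        }
        for (String segment : SEPARATORS.split(input)) {
            // trim() also rejects a whitespace-padded ".." segment; conservative on purpose.
            if ("..".equals(segment.trim())) {
                return null;
            }
        }
        // isDirectory() is false for paths that do not exist, so no separate exists() call.
        return new File(input).isDirectory() ? input : null;
    }

    public static void main(String[] args) {
        // Example usage. Apart from the rejections noted below, each result depends on
        // whether the path exists as a directory on the machine running this.
        String[] samples = {
            "/path/to/my/directory",        // returned unchanged if it exists, else null
            "c:\\path\\to\\my\\directory",  // returned unchanged if it exists, else null
            "path/to/../another/directory", // always null: contains a ".." segment
            "invalid/path",                 // null unless such a directory exists
            null,                           // always null
            "",                             // always null
        };
        for (String sample : samples) {
            System.out.println("Input: " + sample + ", Sanitized: " + sanitizeDirectory(sample));
        }
    }
}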