Improved directory sanitization when --hide_ui_dir_config

Fixes an issue where it's still possible to write to arbitrary directories through careful use of \.. or /.. in directory patterns ...and fix the regex to work better reeeegex

Improved directory sanitization when --hide_ui_dir_config
Fixes an issue where it's still possible to write to arbitrary directories through careful use of \.. or /.. in directory patterns ...and fix the regex to work better reeeegex
dfb2e830 · EyeDeck · AUTOMATIC1111 · 4a626f6e · dfb2e830
Commit dfb2e830 authored Sep 14, 2022 by EyeDeck Committed by AUTOMATIC1111 Sep 15, 2022
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 1 deletion

modules/images.py modules/images.py +4 -1

No files found.
--- a/modules/images.py
+++ b/modules/images.py
@@ -13,7 +13,7 @@ import string

 import modules.shared
 from modules import sd_samplers, shared
-from modules.shared import opts
+from modules.shared import opts, cmd_opts

 LANCZOS = (Image.Resampling.LANCZOS if hasattr(Image, 'Resampling') else Image.LANCZOS)

@@ -277,6 +277,9 @@ def apply_filename_pattern(x, p, seed, prompt):
    x = x.replace("[model_hash]", shared.sd_model_hash)
    x = x.replace("[date]", datetime.date.today().isoformat())

+    if cmd_opts.hide_ui_dir_config:
+        x = re.sub(r'^[\\/]+|\.{2,}[\\/]+|[\\/]+\.{2,}', '', x)
+
    return x

 def get_next_sequence_number(path, basename):