[TEST] add vuln code

pentaho · Jan 21, 2025 · 68dd63d · 68dd63d
1 parent 7b95ed9
commit 68dd63d
Showing 1 changed file with 7 additions and 0 deletions.
diff --git a/mondrian/src/main/java/mondrian/spi/impl/AccessDialect.java b/mondrian/src/main/java/mondrian/spi/impl/AccessDialect.java
@@ -11,6 +11,7 @@
 import java.sql.*;
 import java.util.Calendar;
 import java.util.List;
+import java.io.File;
 
 /**
  * Implementation of {@link mondrian.spi.Dialect} for the Microsoft Access
@@ -35,6 +36,12 @@ public AccessDialect(Connection connection) throws SQLException {
         super(connection);
     }
 
+    public void example(File dir, File parent) throws IOException {
+        if (!dir.getCanonicalPath().startsWith(parent.getCanonicalPath())) {
+            throw new IOException("Path traversal attempt: " + dir.getCanonicalPath());
+        }
+    }
+
     public String toUpper(String expr) {
         return "UCASE(" + expr + ")";
     }