From dfb2e830d9f84fe5495c01ba0e70f5eaa2ce0bff Mon Sep 17 00:00:00 2001 From: EyeDeck Date: Wed, 14 Sep 2022 21:05:00 -0400 Subject: [PATCH] Improved directory sanitization when --hide_ui_dir_config Fixes an issue where it's still possible to write to arbitrary directories through careful use of \.. or /.. in directory patterns ...and fix the regex to work better reeeegex --- modules/images.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/modules/images.py b/modules/images.py index 8c06ff240..1c01d6d89 100644 --- a/modules/images.py +++ b/modules/images.py @@ -13,7 +13,7 @@ import string import modules.shared from modules import sd_samplers, shared -from modules.shared import opts +from modules.shared import opts, cmd_opts LANCZOS = (Image.Resampling.LANCZOS if hasattr(Image, 'Resampling') else Image.LANCZOS) @@ -277,6 +277,9 @@ def apply_filename_pattern(x, p, seed, prompt): x = x.replace("[model_hash]", shared.sd_model_hash) x = x.replace("[date]", datetime.date.today().isoformat()) + if cmd_opts.hide_ui_dir_config: + x = re.sub(r'^[\\/]+|\.{2,}[\\/]+|[\\/]+\.{2,}', '', x) + return x def get_next_sequence_number(path, basename):