fileutil

package
v0.64.4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 30, 2026 License: MIT Imports: 8 Imported by: 0

Documentation

Overview

Package fileutil provides utility functions for working with file paths and file operations.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CopyFile added in v0.47.0 

func CopyFile(src, dst string) error

CopyFile copies a file from src to dst using buffered IO.

func DirExists added in v0.47.0 

func DirExists(path string) bool

DirExists checks if a directory exists.

func ExtractFileFromTar added in v0.49.0 

func ExtractFileFromTar(data []byte, path string) ([]byte, error)

ExtractFileFromTar extracts a single file from a tar archive. Uses Go's standard archive/tar for cross-platform compatibility instead of spawning an external tar process which may not be available on all platforms.

path must be a local, relative path (no absolute paths or ".." components). filepath.IsLocal is used to enforce this for both the search target and each tar entry name, guarding against path-traversal payloads embedded in archives.

func FileExists added in v0.47.0 

func FileExists(path string) bool

FileExists checks if a file exists and is not a directory.

func IsDirEmpty added in v0.47.0 

func IsDirEmpty(path string) bool

IsDirEmpty checks if a directory is empty.

func MustBeWithin added in v0.64.1 

func MustBeWithin(base, candidate string) error

MustBeWithin checks that candidate is located within the base directory tree. Both paths are resolved via filepath.EvalSymlinks (with filepath.Abs as fallback when a path does not yet exist) before comparison, so neither ".." components nor symlinks pointing outside base can be used to escape.

Returns an error when:

  • Either path cannot be resolved to an absolute form.
  • The resolved candidate path starts outside the resolved base directory.

func ValidateAbsolutePath 

func ValidateAbsolutePath(path string) (string, error)

ValidateAbsolutePath validates that a file path is absolute and safe to use. It performs the following security checks:

  • Cleans the path using filepath.Clean to normalize . and .. components
  • Verifies the path is absolute to prevent relative path traversal attacks

Returns the cleaned absolute path if validation succeeds, or an error if:

  • The path is empty
  • The path is relative (not absolute)

This function should be used before any file operations (read, write, stat, etc.) to ensure defense-in-depth security against path traversal vulnerabilities.

Example:

cleanPath, err := fileutil.ValidateAbsolutePath(userInputPath) 

if err != nil {
   return fmt.Errorf("invalid path: %w", err)
}

content, err := os.ReadFile(cleanPath)

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.