Making sure that a path does not break out of a base path

Question

In a web application, I get a path from the request, which I then append to a (safe) base path.
The web application has the full control over the files inside of the base path, but is not allowed to break out of it.

I need to make sure that the resulting path (base path + get path) is inside the base path.

Is it safe (and enough) to check if the path is valid by:

• replacing all \ by /,
• split by /,
• if any chunk is equal to .. mark the path as invalid?

If the path is not valid it's simply refused, otherwise I create or delete the file with the given path (depending on the action...)

Some further information:

• The system does not provide a good way to normalize the path.
• I don't expect any valid reason for a path to contain a back path (/../). The client needs to normalize the path before sending it.

Answer 1

I can't think of a way within the Unix/Windows/MacOS systems I'm familiar with for the methodology you're talking about to go wrong. That said, it's fundamentally a low reliability methodology that's completely vulnerable to obscure corner cases in, or changes to, the software that translates your filenames into file system locations. I would always prefer to use actual file system routines to fully resolve the path and then verify that that is present within the area you want.