authorStanislaw Halik <sthalik@misaki.pl>2022-11-27 22:18:52 +0100
committerStanislaw Halik <sthalik@misaki.pl>2022-11-27 22:18:52 +0100
commit01099fc97c23027cf8e161bec2927a0decc4c44b (patch)
treef12fbbb36d09645612552a02a3671a5691c0f46f /loader
parent6109f50c2726c6fbda5ca8cd9f533d2184e93829 (diff)
loader: validate atlas names before loading
Diffstat (limited to 'loader')
-rw-r--r--loader/atlas.cpp16
-rw-r--r--loader/impl.hpp1
2 files changed, 17 insertions, 0 deletions
diff --git a/loader/atlas.cpp b/loader/atlas.cpp
index 659f716a..6b5060e7 100644
--- a/loader/atlas.cpp
+++ b/loader/atlas.cpp
@@ -15,6 +15,8 @@ namespace floormat::loader_detail {
std::shared_ptr<tile_atlas> loader_impl::tile_atlas(StringView name, Vector2ub size)
{
+ fm_assert(check_atlas_name(name));
+
const emplacer e{[&] { return std::make_shared<struct tile_atlas>(name, texture(IMAGE_PATH, name), size); }};
auto atlas = tile_atlas_map.try_emplace(name, e).first->second;
return atlas;
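Review bot: The only gate on `name` before `texture(IMAGE_PATH, name)` builds a path from it is `fm_assert(check_atlas_name(name))`, here and again in the `anim_atlas` hunk that follows. The definition of `fm_assert` is not visible in this diff: if any build configuration compiles it out, the check disappears there, and if it always aborts, a bad name read from a map or save file terminates the program instead of failing that one load. Assuming atlas names can come from file data, the rejection should be unconditional and its purpose stated at the call site, e.g. `// name is joined onto a filesystem path below; it must pass check_atlas_name()`. Both function bodies continue outside their hunks.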
@@ -29,6 +31,8 @@ ArrayView<String> loader_impl::anim_atlas_list()
std::shared_ptr<anim_atlas> loader_impl::anim_atlas(StringView name)
{
+ fm_assert(check_atlas_name(name));
+
if (auto it = anim_atlas_map.find(name); it != anim_atlas_map.end())
return it->second;
else
@@ -78,4 +82,16 @@ void loader_impl::get_anim_atlas_list()
anim_atlases.emplace_back(str.exceptSuffix(std::size(".json")-1));
}
+bool loader_impl::check_atlas_name(StringView str)
+{
+ if (str.isEmpty())
+ return false;
+ if (str.findAny("\\<>&;:'\" ") || str.find("/."))
+ return false;
+ if (str[0] == '.' || str[0] == '/')
+ return false;
+
+ return true;
+}
+
} // namespace floormat::loader_detail
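Review bot: `check_atlas_name` is a deny-list, so every byte it does not name still passes: control characters and an embedded NUL (which can make the validated string differ from the path the OS opens), `*`, `?`, `|`, a trailing `/`, and empty components such as `a//b`. An allow-list of the characters atlas names really use is easier to audit and fails closed when a new special character matters. The character set below is a guess and must be checked against the existing atlas names before adopting it. The function also deserves a one-line comment saying that its job is to keep the name inside the image directory.

```cpp
bool loader_impl::check_atlas_name(StringView str)
{
    // … unchanged: empty-name check …
    // Allow-list: any byte outside this set (control bytes, NUL, wildcards, ...) is rejected.
    for (const char c : str)
    {
        const bool ok = (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
                        (c >= '0' && c <= '9') ||
                        c == '_' || c == '-' || c == '.' || c == '/';
        if (!ok)
            return false;
    }
    // No hidden/parent components, no empty components, no trailing separator.
    if (str.find("/.") || str.find("//") || str.hasSuffix("/"))
        return false;
    // … unchanged: leading '.' and '/' check, return true …
}
```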
diff --git a/loader/impl.hpp b/loader/impl.hpp
index 343d3ee1..04b9733f 100644
--- a/loader/impl.hpp
+++ b/loader/impl.hpp
@@ -37,6 +37,7 @@ struct loader_impl final : loader_
static anim_def deserialize_anim(StringView filename);
static void system_init();
static bool chdir(StringView pathname);
+ [[nodiscard]] static bool check_atlas_name(StringView name);
void ensure_plugins();
explicit loader_impl();