From 2ca014250fbf0bba94c914d9e43b1f6d8eca3bb0 Mon Sep 17 00:00:00 2001
From: Joe Chen <jc@unknwon.io>
Date: Tue, 7 Jun 2022 20:34:46 +0800
Subject: pathutil: check both styles of `os.PathSeparator` (#7020)

---
 internal/pathutil/pathutil.go | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'internal/pathutil/pathutil.go')

diff --git a/internal/pathutil/pathutil.go b/internal/pathutil/pathutil.go
index 6a7286e1..26ea76b6 100644
--- a/internal/pathutil/pathutil.go
+++ b/internal/pathutil/pathutil.go
@@ -9,7 +9,9 @@ import (
 	"strings"
 )
 
-// Clean cleans up given path and returns a relative path that goes straight down.
+// Clean cleans up given path and returns a relative path that goes straight
+// down to prevent path traversal.
 func Clean(p string) string {
+	p = strings.ReplaceAll(p, `\`, "/")
 	return strings.Trim(path.Clean("/"+p), "/")
 }
-- 
cgit v1.2.3