fix: panic on invalid file:// module specifier (#8964)

author: Maayan Hanin <maayan.asa.hanin@gmail.com> 2021-01-04 11:33:20 +0200
committer: GitHub <noreply@github.com> 2021-01-04 04:33:20 -0500
commit: 1a6969bebbaaf2615b73a8582ba95be70a64c582 (patch)
tree: c2c0205ad508c72ea4cfc80d3cdcc519691fb1df /runtime/permissions.rs
parent: 1a2e7741c33490d2a91147966019853c6b1d6a48 (diff)
1 files changed, 27 insertions, 2 deletions
diff --git a/runtime/permissions.rs b/runtime/permissions.rs
index 782c44e4f..a331ef3e9 100644
--- a/runtime/permissions.rs
+++ b/runtime/permissions.rs
@@ -581,8 +581,13 @@ impl Permissions {
   ) -> Result<(), AnyError> {
     let url = specifier.as_url();
     if url.scheme() == "file" {
-      let path = url.to_file_path().unwrap();
-      self.check_read(&path)
+      match url.to_file_path() {
+        Ok(path) => self.check_read(&path),
+        Err(_) => Err(uri_error(format!(
+          "Invalid file path.\n  Specifier: {}",
+          specifier
+        ))),
+      }
     } else {
       self.check_net_url(url)
     }
@@ -943,6 +948,26 @@ mod tests {
   }
 
   #[test]
+  fn check_invalid_specifiers() {
+    let perms = Permissions::allow_all();
+
+    let mut test_cases = vec![];
+
+    if cfg!(target_os = "windows") {
+      test_cases.push("file://");
+      test_cases.push("file:///");
+    } else {
+      test_cases.push("file://remotehost/");
+    }
+
+    for url in test_cases {
+      assert!(perms
+        .check_specifier(&ModuleSpecifier::resolve_url_or_path(url).unwrap())
+        .is_err());
+    }
+  }
+
+  #[test]
   fn test_deserialize_perms() {
     let json_perms = r#"
     {
author	Maayan Hanin <maayan.asa.hanin@gmail.com>	2021-01-04 11:33:20 +0200
committer	GitHub <noreply@github.com>	2021-01-04 04:33:20 -0500
commit	1a6969bebbaaf2615b73a8582ba95be70a64c582 (patch)
tree	c2c0205ad508c72ea4cfc80d3cdcc519691fb1df /runtime/permissions.rs
parent	1a2e7741c33490d2a91147966019853c6b1d6a48 (diff)