mirror of
https://github.com/rust-lang/rust.git
synced 2025-12-27 07:22:00 +00:00
8e037ccec7
Expand documentation of PathBuf, discussing lack of sanitization Various methods in `PathBuf`, in particular `set_file_name` and `set_extension` accept strings which include path seperators (like `../../etc`). These methods just glue together strings, so you can end up with strange strings. This isn't reasonable to change/fix at this point, and might not even be fixable, but I think should be documented. In particular, you probably shouldn't blindly build paths using strings given by possibly malicious users.