From 9b1bf98aa2c79482b619daa03e47eb3ee096ed41 Mon Sep 17 00:00:00 2001
From: Ivan Mironov <mironov.ivan@gmail.com>
Date: Mon, 15 Nov 2021 22:02:15 +0500
Subject: [PATCH] Accept only decimal digits in file names inside snapshot
 (#21213)

This also should make snapshot validation a bit faster.
---
 runtime/src/hardened_unpack.rs | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/runtime/src/hardened_unpack.rs b/runtime/src/hardened_unpack.rs
index 7580ab4b10..f56c20808f 100644
--- a/runtime/src/hardened_unpack.rs
+++ b/runtime/src/hardened_unpack.rs
@@ -346,7 +346,7 @@ fn all_digits(v: &str) -> bool {
         return false;
     }
     for x in v.chars() {
-        if !x.is_numeric() {
+        if !x.is_digit(10) {
             return false;
         }
     }
@@ -357,7 +357,7 @@ fn like_storage(v: &str) -> bool {
     let mut periods = 0;
     let mut saw_numbers = false;
     for x in v.chars() {
-        if !x.is_numeric() {
+        if !x.is_digit(10) {
             if x == '.' {
                 if periods > 0 || !saw_numbers {
                     return false;
@@ -521,6 +521,10 @@ mod tests {
             &["snapshots", "0x"],
             tar::EntryType::Directory
         ));
+        assert!(!is_valid_snapshot_archive_entry(
+            &["snapshots", "①"],
+            tar::EntryType::Directory
+        ));
         assert!(!is_valid_snapshot_archive_entry(
             &["snapshots", "0", "aa"],
             tar::EntryType::Regular
@@ -567,6 +571,10 @@ mod tests {
             &["accounts", "232323"],
             tar::EntryType::Regular
         ));
+        assert!(!is_valid_snapshot_archive_entry(
+            &["accounts", "৬.¾"],
+            tar::EntryType::Regular
+        ));
     }
 
     #[test]