
Function: sanitizeDirPath()

sanitizeDirPath(p, base?): string

Resolves a user-supplied path to an absolute form and validates it.

Always rejects paths containing null bytes or newlines. A null byte terminates a C string, so a value carrying one is silently truncated at the NUL by the time it reaches the OS (execve, open), even when arguments are passed as an array to execFile and no shell is involved; a newline can split the value in line-oriented consumers. Rejecting both up front closes that gap before the path is used.

When base is provided, also enforces containment: the resolved path must start with the resolved base directory. This startsWith-based check on a resolved (normalised) path is the pattern that CodeQL's path-injection analysis recognises as a sanitizer, clearing the taint on the returned value for interprocedural analysis. Two caveats apply to any check of this shape: a bare prefix comparison also accepts sibling directories whose name merely begins with the base (a base of /data/app would accept /data/app2/x), so compare against the base plus a trailing path separator or require equality with the base itself; and resolution is lexical, so a symlink inside the base that points outside it is not detected unless the real path is resolved first.

Parameters

p: string. The user-supplied path to resolve and validate.

base?: string. Optional base directory; when given, the resolved path must lie within it.

Returns

string. The resolved absolute path.