From b4463faa039a062344b37a2e35b7cddef8bd40c4 Mon Sep 17 00:00:00 2001
From: Michael Mraka <michael.mraka@redhat.com>
Date: Wed, 25 Sep 2024 14:06:23 +0200
Subject: [PATCH] RHINENG-12951: fix for CWE-23

---
 database_admin/migrate.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/database_admin/migrate.go b/database_admin/migrate.go
index f91b7c8dd..054018dec 100644
--- a/database_admin/migrate.go
+++ b/database_admin/migrate.go
@@ -5,6 +5,7 @@ import (
 	"database/sql"
 	"fmt"
 	"os"
+	"path/filepath"
 	"strconv"
 	"strings"
 
@@ -73,7 +74,7 @@ func MigrateUp(conn database.Driver, sourceURL string) {
 func latestSchemaMigrationFileVersion(sourceURL string) (int, error) {
 	latestVer := 0
 	dir := sourceURL[len("file://"):]
-	files, err := os.ReadDir(dir)
+	files, err := os.ReadDir(filepath.Clean(dir))
 	if err != nil {
 		return 0, errors.Wrap(err, fmt.Sprintf("Error reading migration files %s in %s", files, dir))
 	}