[llvm-cov] Do not allow ".." to escape the coverage sub-directory

In -output-dir mode, file reports are placed into a "coverage"
directory. If filenames in the coverage mapping contain "..", they might
escape out of this directory.

Fix the problem by removing ".." from source filenames (expand the path
component).

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@274135 91177308-0d34-0410-b5e6-96231b3b80d8

Author: vedantk

test/tools/llvm-cov/Inputs/double_dots.covmapping

@@ -0,0 +1,8 @@
+main
+# Func Hash:
+0
+# Num Counters:
+1
+# Counter Values:
+1
+

test/tools/llvm-cov/Inputs/double_dots.proftext

@@ -0,0 +1,11 @@
+// To create the covmapping for this file, copy this file to /tmp/dots/test.c,
+// cd into /tmp/dots, and pass "../dots/double_dots.c" to the compiler. Use
+// llvm-cov convert-for-testing to extract the covmapping.
+
+// RUN: llvm-profdata merge %S/Inputs/double_dots.proftext -o %t.profdata
+// RUN: llvm-cov show %S/Inputs/double_dots.covmapping -instr-profile=%t.profdata -o %t.dir
+// RUN: FileCheck -input-file=%t.dir/index.txt %s
+
+// CHECK-NOT: coverage{{.*}}dots{{.*}}..{{.*}}dots
+
+int main() {}

test/tools/llvm-cov/double_dots.c

@@ -35,8 +35,9 @@ std::string CoveragePrinter::getOutputPath(StringRef Path, StringRef Extension,
   if (!InToplevel)
     sys::path::append(FullPath, getCoverageDir());
 
-  auto PathBaseDir = sys::path::relative_path(sys::path::parent_path(Path));
-  sys::path::append(FullPath, PathBaseDir);
+  SmallString<256> ParentPath = sys::path::parent_path(Path);
+  sys::path::remove_dots(ParentPath, /*remove_dot_dots=*/true);
+  sys::path::append(FullPath, sys::path::relative_path(ParentPath));
 
   auto PathFilename = (sys::path::filename(Path) + "." + Extension).str();
   sys::path::append(FullPath, PathFilename);