authorHugo Herbelin2020-05-07 19:20:39 +0200
committerHugo Herbelin2020-05-11 21:56:00 +0200
commit632f709b95f4fa47e86e5c498b995eb9c2cf2ff6 (patch)
treefa8ee5ad72ac8e990bfa8c7e51185289803eb201 /tools/coqdoc
parent76f7adccc72e6e85bfc2aaec7c5f348e5966b024 (diff)
Checking validity of coqdoc file name.
This fixes #12265 (javascript injection vulnerability in file name).
Diffstat (limited to 'tools/coqdoc')
-rw-r--r--tools/coqdoc/dune2
-rw-r--r--tools/coqdoc/main.ml3
2 files changed, 4 insertions, 1 deletions
diff --git a/tools/coqdoc/dune b/tools/coqdoc/dune
index 9c0a6ccffe..e3c792f277 100644
--- a/tools/coqdoc/dune
+++ b/tools/coqdoc/dune
@@ -9,6 +9,6 @@
(name main)
(public_name coqdoc)
(package coq)
- (libraries str coq.config))
+ (libraries str coq.config coq.clib))
(ocamllex cpretty)
diff --git a/tools/coqdoc/main.ml b/tools/coqdoc/main.ml
index 1be247366d..6ebf9b71d6 100644
--- a/tools/coqdoc/main.ml
+++ b/tools/coqdoc/main.ml
@@ -127,6 +127,9 @@ let rec name_of_path p name dirname suffix =
let coq_module filename =
let bfname = Filename.chop_extension filename in
let dirname, fname = normalize_filename bfname in
+ let _ = match Unicode.ident_refutation fname with
+ | Some err -> eprintf "\ncoqdoc: not a valid filename %s.v\n" fname; exit 1
+ | None -> () in
let rec change_prefix = function
(* Follow coqc: if in scope of -R, substitute logical name *)
(* otherwise, keep only base name *)
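Review bot: Only `fname` is passed to `Unicode.ident_refutation` in the added lines; the `dirname` returned by the same `normalize_filename` call is not validated. The comment under `change_prefix` says the logical name is substituted when the file is in scope of `-R`, so directory components may still become part of the module name and reach the generated HTML unchecked. This needs confirming, because the body of `change_prefix` lies outside the hunk; escaping the name at the point where it is written into the output would cover both paths. Separately, `let _ =` with a bound but unused `err` hides the expression's type and drops the refutation reason: prefer `let () = match Unicode.ident_refutation fname with` and either `| Some _ ->` or include the reported reason in the error message.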