From 8d9c304ad7e951982af989ed4d8d15509db13362 Mon Sep 17 00:00:00 2001
From: Ludy <Ludy87@users.noreply.github.com>
Date: Thu, 20 Mar 2025 08:58:22 +0100
Subject: [PATCH] Normalize File Path for Font Resource Loading (#3179)

# Description of Changes

Please provide a summary of the changes, including:

- Added logic to normalize file paths when retrieving font resources.
- Ensured that file paths starting with `file:` are properly sanitized
and formatted to prevent inconsistencies.
- Replaced `\*` and `/*` in the path to ensure proper pattern matching.
- Used `Paths.get(rawPath).normalize()` to avoid potential path
traversal issues.
- Updated `locationPattern` to ensure it uses a consistent format across
different operating systems.

This change improves reliability in loading fonts from local file paths
and prevents potential errors related to improperly formatted paths.

Closes #3178

---

## Checklist

### General

- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#6-testing)
for more details.
---
 .../controller/web/GeneralWebController.java     |  5 ++---
 .../software/SPDF/utils/GeneralUtils.java        | 16 ++++++++++++++++
 2 files changed, 18 insertions(+), 3 deletions(-)

diff --git a/src/main/java/stirling/software/SPDF/controller/web/GeneralWebController.java b/src/main/java/stirling/software/SPDF/controller/web/GeneralWebController.java
index 34202cff9..ed6b247ce 100644
--- a/src/main/java/stirling/software/SPDF/controller/web/GeneralWebController.java
+++ b/src/main/java/stirling/software/SPDF/controller/web/GeneralWebController.java
@@ -13,7 +13,6 @@ import java.util.stream.Stream;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.core.io.Resource;
 import org.springframework.core.io.ResourceLoader;
-import org.springframework.core.io.support.ResourcePatternUtils;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.GetMapping;
@@ -31,6 +30,7 @@ import stirling.software.SPDF.config.RuntimePathConfig;
 import stirling.software.SPDF.controller.api.pipeline.UserServiceInterface;
 import stirling.software.SPDF.model.SignatureFile;
 import stirling.software.SPDF.service.SignatureService;
+import stirling.software.SPDF.utils.GeneralUtils;
 
 @Controller
 @Tag(name = "General", description = "General APIs")
@@ -241,8 +241,7 @@ public class GeneralWebController {
     private List<FontResource> getFontNamesFromLocation(String locationPattern) {
         try {
             Resource[] resources =
-                    ResourcePatternUtils.getResourcePatternResolver(resourceLoader)
-                            .getResources(locationPattern);
+                    GeneralUtils.getResourcesFromLocationPattern(locationPattern, resourceLoader);
             return Arrays.stream(resources)
                     .map(
                             resource -> {
diff --git a/src/main/java/stirling/software/SPDF/utils/GeneralUtils.java b/src/main/java/stirling/software/SPDF/utils/GeneralUtils.java
index d2615935f..9172b5151 100644
--- a/src/main/java/stirling/software/SPDF/utils/GeneralUtils.java
+++ b/src/main/java/stirling/software/SPDF/utils/GeneralUtils.java
@@ -15,6 +15,9 @@ import java.util.Enumeration;
 import java.util.List;
 import java.util.UUID;
 
+import org.springframework.core.io.Resource;
+import org.springframework.core.io.ResourceLoader;
+import org.springframework.core.io.support.ResourcePatternUtils;
 import org.springframework.web.multipart.MultipartFile;
 
 import com.fathzer.soft.javaluator.DoubleEvaluator;
@@ -73,6 +76,19 @@ public class GeneralUtils {
         return safeName;
     }
 
+    // Get resources from a location pattern
+    public static Resource[] getResourcesFromLocationPattern(
+            String locationPattern, ResourceLoader resourceLoader) throws Exception {
+        // Normalize the path for file resources
+        if (locationPattern.startsWith("file:")) {
+            String rawPath = locationPattern.substring(5).replace("\\*", "").replace("/*", "");
+            Path normalizePath = Paths.get(rawPath).normalize();
+            locationPattern = "file:" + normalizePath.toString().replace("\\", "/") + "/*";
+        }
+        return ResourcePatternUtils.getResourcePatternResolver(resourceLoader)
+                .getResources(locationPattern);
+    }
+
     public static boolean isValidURL(String urlStr) {
         try {
             Urls.create(