Avoid false negative on WhiteList with multiple points on path (#61)

Author: sgrampone

dotnet/dotnetframework/SecurityAPICommons/Utils/ExtensionsWhiteList.cs

@@ -28,10 +28,6 @@ public void SetExtension(string value)
 		[SecuritySafeCritical]
 		public bool IsValid(string path)
 		{
-			if (!IsValidName(path))
-			{
-				return false;
-			}
 			string ext = SecurityUtils.getFileExtension(path);
 			for (int i = 0; i < this.whitelist.Count; i++)
 			{
@@ -53,23 +49,5 @@ public bool IsEmpty()
 			return false;
 		}
 
-		private bool IsValidName(string path)
-		{
-			int counter = 0;
-			int i = 0;
-			while (i < path.Length && counter <= 2)
-			{
-				if (path[i] == '.')
-				{
-					counter++;
-				}
-				i++;
-			}
-			if (counter >= 2)
-			{
-				return false;
-			}
-			return true;
-		}
 	}
 }

dotnet/dotnetframework/SecurityAPICommons/Utils/SecurityUtils.cs

@@ -2,6 +2,7 @@
 using Org.BouncyCastle.Utilities.Encoders;
 using SecurityAPICommons.Commons;
 using System;
+using System.IO;
 using System.Security;
 
 namespace SecurityAPICommons.Utils
@@ -49,13 +50,17 @@ public static bool extensionIs(string path, string ext)
         [SecuritySafeCritical]
         public static string getFileExtension(string path)
         {
-
-            int lastIndexOf = path.LastIndexOf(".");
-            if (lastIndexOf == -1)
-            {
-                return ""; // empty extension
+            string fileName =  Path.GetFileName(path);
+            string extension;
+			try
+			{
+                extension = Path.GetExtension(fileName);
             }
-            return path.Substring(lastIndexOf);
+             catch(Exception)
+			{
+                extension = "";
+			}
+            return extension;
         }
 
 		[SecuritySafeCritical]