Raised SuspiciousFileOperation in safe_join.

Added a test for the condition safe_join is designed to prevent.

Previously, a generic ValueError was raised. It was impossible to tell
an intentional exception raised to implement safe_join's contract from
an unintentional exception caused by incorrect inputs or unexpected
conditions. That resulted in bizarre exception catching patterns, which
this patch removes.

Since safe_join is a private API and since the change is unlikely to
create security issues for users who use it anyway -- at worst, an
uncaught SuspiciousFileOperation exception will bubble up -- it isn't
documented.

1 files changed, 4 insertions, 2 deletions

diff --git a/django/utils/_os.py b/django/utils/_os.py
index 1d7ddf619e..bcfe3de636 100644
--- a/django/utils/_os.py
+++ b/django/utils/_os.py
@@ -4,6 +4,7 @@ import sys
 import tempfile
 from os.path import join, normcase, normpath, abspath, isabs, sep, dirname
 
+from django.core.exceptions import SuspiciousFileOperation
 from django.utils.encoding import force_text
 from django.utils import six
 
@@ -77,8 +78,9 @@ def safe_join(base, *paths):
     if (not normcase(final_path).startswith(normcase(base_path + sep)) and
             normcase(final_path) != normcase(base_path) and
             dirname(normcase(base_path)) != normcase(base_path)):
-        raise ValueError('The joined path (%s) is located outside of the base '
-                         'path component (%s)' % (final_path, base_path))
+        raise SuspiciousFileOperation(
+            'The joined path ({}) is located outside of the base path '
+            'component ({})'.format(final_path, base_path))
     return final_path