class Asciidoctor::PathResolver

def system_path target, start = nil, jail = nil, opts = {}

are expanded.
jail path, if specified. The path is posixified and all parent and self references in the path
Returns an absolute String path relative to the start path, if specified, and confined to the

* :target_name is used in messages to refer to the path being resolved
automatically recover when an illegal path is encountered
* :recover is used to control whether the processor should
opts - an optional Hash of options to control processing (default: {}):
absolute path (default: nil)
jail - the String jail path to which to confine the resolved path, if specified; must be an
specified, or the working directory specified in the constructor (default: nil)
start - the String start path from which to resolve a relative target; falls back to jail, if
target - the String target path

parent and self references in the resolved path.
the target is an absolute path, use it as is (unless it breaches the jail path). Expands all
path. If a jail path is not provided, the resolved path may be any location on the system. If
that order. If a jail path is specified, the resolved path is forced to descend from the jail
relative to the start path, jail path, or working directory (specified in the constructor), in
Resolves the target to an absolute path on the current filesystem. The target is assumed to be

Public: Securely resolve a system path 
def system_path target, start = nil, jail = nil, opts = {}
  if jail
    raise ::SecurityError, %(Jail is not an absolute path: #{jail}) unless root? jail
    #raise ::SecurityError, %(Jail is not a canonical path: #{jail}) if jail.include? DOT_DOT
    jail = posixify jail
  end
  if target
    if root? target
      target_path = expand_path target
      if jail && !(descends_from? target_path, jail)
        if opts.fetch :recover, true
          logger.warn %(#{opts[:target_name] || 'path'} is outside of jail; recovering automatically)
          target_segments, = partition_path target_path
          jail_segments, jail_root = partition_path jail
          return join_path jail_segments + target_segments, jail_root
        else
          raise ::SecurityError, %(#{opts[:target_name] || 'path'} #{target} is outside of jail: #{jail} (disallowed in safe mode))
        end
      end
      return target_path
    else
      target_segments, = partition_path target
    end
  else
    target_segments = []
  end
  if target_segments.empty?
    if start.nil_or_empty?
      return jail || @working_dir
    elsif root? start
      if jail
        start = posixify start
      else
        return expand_path start
      end
    else
      target_segments, = partition_path start
      start = jail || @working_dir
    end
  elsif start.nil_or_empty?
    start = jail || @working_dir
  elsif root? start
    start = posixify start if jail
  else
    #start = system_path start, jail, jail, opts
    start = %(#{(jail || @working_dir).chomp '/'}/#{start})
  end
  # both jail and start have been posixified at this point if jail is set
  if jail && (recheck = !(descends_from? start, jail)) && @file_separator == BACKSLASH
    start_segments, start_root = partition_path start
    jail_segments, jail_root = partition_path jail
    if start_root != jail_root
      if opts.fetch :recover, true
        logger.warn %(start path for #{opts[:target_name] || 'path'} is outside of jail root; recovering automatically)
        start_segments = jail_segments
        recheck = false
      else
        raise ::SecurityError, %(start path for #{opts[:target_name] || 'path'} #{start} refers to location outside jail root: #{jail} (disallowed in safe mode))
      end
    end
  else
    start_segments, jail_root = partition_path start
  end
  if (resolved_segments = start_segments + target_segments).include? DOT_DOT
    unresolved_segments, resolved_segments = resolved_segments, []
    if jail
      jail_segments, = partition_path jail unless jail_segments
      warned = false
      unresolved_segments.each do |segment|
        if segment == DOT_DOT
          if resolved_segments.size > jail_segments.size
            resolved_segments.pop
          elsif opts.fetch :recover, true
            unless warned
              logger.warn %(#{opts[:target_name] || 'path'} has illegal reference to ancestor of jail; recovering automatically)
              warned = true
            end
          else
            raise ::SecurityError, %(#{opts[:target_name] || 'path'} #{target} refers to location outside jail: #{jail} (disallowed in safe mode))
          end
        else
          resolved_segments << segment
        end
      end
    else
      unresolved_segments.each do |segment|
        segment == DOT_DOT ? resolved_segments.pop : resolved_segments << segment
      end
    end
  end
  if recheck
    target_path = join_path resolved_segments, jail_root
    if descends_from? target_path, jail
      target_path
    elsif opts.fetch :recover, true
      logger.warn %(#{opts[:target_name] || 'path'} is outside of jail; recovering automatically)
      jail_segments, = partition_path jail unless jail_segments
      join_path jail_segments + target_segments, jail_root
    else
      raise ::SecurityError, %(#{opts[:target_name] || 'path'} #{target} is outside of jail: #{jail} (disallowed in safe mode))
    end
  else
    join_path resolved_segments, jail_root
  end
end