Merge pull request #1983 from janhq/sanitize_path

qnixsynapse · web-flow · commit 4a4fff4061c0 · 2025-02-19T17:30:51.000+05:30
Fix: Prevent Path Traversal in File Storage
diff --git a/engine/repositories/file_fs_repository.cc b/engine/repositories/file_fs_repository.cc
@@ -10,6 +10,21 @@ std::filesystem::path FileFsRepository::GetFilePath() const {
   return data_folder_path_ / kFileContainerFolderName;
 }
 
+std::filesystem::path SanitizePath(const std::filesystem::path & user_input,
+                                    const std::filesystem::path & basedir) {
+
+  auto abs_base = std::filesystem::canonical(basedir);
+  std::filesystem::path resolved_path = std::filesystem::weakly_canonical(
+      std::filesystem::path(basedir) / std::filesystem::path(user_input));
+      /* Ensure the resolved path is within our basedir */
+  for (auto p = resolved_path; !p.empty(); p = p.parent_path()) {
+    if (std::filesystem::equivalent(p, abs_base)) {
+      return resolved_path;
+    }
+  } 
+  return {};
+}
+
 cpp::result<void, std::string> FileFsRepository::StoreFile(
     OpenAi::File& file_metadata, const char* content, uint64_t length) {
   auto file_container_path = GetFilePath();
@@ -18,7 +33,11 @@ cpp::result<void, std::string> FileFsRepository::StoreFile(
   }
 
   auto original_filename = file_metadata.filename;
-  auto file_full_path = file_container_path / original_filename;
+  auto file_full_path = SanitizePath(original_filename, file_container_path);
+
+  if (file_full_path.empty()) {
+    return cpp::fail("Error resolving path in: " + original_filename);
+  }
 
   // Handle duplicate filenames
   int counter = 1;
