fix(io): sandbox absolute paths under root in Medium.path

Security fix: Remove Windows drive root bypass and properly strip
volume names before sandboxing. Paths like C:\Windows are now
correctly sandboxed under root instead of escaping.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Snider 2026-02-02 23:47:56 +00:00
parent 6322377d6e
commit 3d9955e144


@ -32,16 +32,15 @@ func (m *Medium) path(p string) string {
}
clean := strings.ReplaceAll(p, "..", ".")
if filepath.IsAbs(clean) {
// Handle Windows drive root (e.g. "C:\")
if len(clean) == 3 && clean[1] == ':' && (clean[2] == '\\' || clean[2] == '/') {
return clean
}
// If root is "/", allow absolute paths through
if m.root == "/" {
return filepath.Clean(clean)
}
// Otherwise, sandbox absolute paths by stripping leading /
return filepath.Join(m.root, strings.TrimPrefix(clean, "/"))
// Otherwise, sandbox absolute paths by stripping volume + leading separators
vol := filepath.VolumeName(clean)
clean = strings.TrimPrefix(clean, vol)
clean = strings.TrimLeft(clean, string(os.PathSeparator)+"/")
return filepath.Join(m.root, clean)
}
return filepath.Join(m.root, clean)
}
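Review bot: Both `return filepath.Join(m.root, clean)` lines still rely on the single-pass `strings.ReplaceAll(p, "..", ".")` above them to stop traversal, and that replacement is not idempotent: a longer run of dots can still reduce to `..`, which `filepath.Join` then resolves upward out of `m.root`. Anchoring the remainder before joining removes the dependency on how the dots were written, e.g. `return filepath.Join(m.root, filepath.Clean(string(os.PathSeparator)+clean))` in both places. On Windows, `filepath.IsAbs` is false for drive-relative (`C:foo`) and rooted-without-drive (`\foo`) inputs, so those skip the new `filepath.VolumeName` stripping and reach the final join with the prefix still attached; stripping the volume unconditionally looks safer. The start of `path` is outside this hunk, so any earlier normalisation is not visible here.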