From 3d9955e144ed1fa58a1914b078680b3d352967b0 Mon Sep 17 00:00:00 2001
From: Snider <snider@host.uk.com>
Date: Mon, 2 Feb 2026 23:47:56 +0000
Subject: [PATCH] fix(io): sandbox absolute paths under root in Medium.path

Security fix: Remove Windows drive root bypass and properly strip
volume names before sandboxing. Paths like C:\Windows are now
correctly sandboxed under root instead of escaping.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---
 pkg/io/local/client.go | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/pkg/io/local/client.go b/pkg/io/local/client.go
index 189c1223..88145927 100644
--- a/pkg/io/local/client.go
+++ b/pkg/io/local/client.go
@@ -32,16 +32,15 @@ func (m *Medium) path(p string) string {
 	}
 	clean := strings.ReplaceAll(p, "..", ".")
 	if filepath.IsAbs(clean) {
-		// Handle Windows drive root (e.g. "C:\")
-		if len(clean) == 3 && clean[1] == ':' && (clean[2] == '\\' || clean[2] == '/') {
-			return clean
-		}
 		// If root is "/", allow absolute paths through
 		if m.root == "/" {
 			return filepath.Clean(clean)
 		}
-		// Otherwise, sandbox absolute paths by stripping leading /
-		return filepath.Join(m.root, strings.TrimPrefix(clean, "/"))
+		// Otherwise, sandbox absolute paths by stripping volume + leading separators
+		vol := filepath.VolumeName(clean)
+		clean = strings.TrimPrefix(clean, vol)
+		clean = strings.TrimLeft(clean, string(os.PathSeparator)+"/")
+		return filepath.Join(m.root, clean)
 	}
 	return filepath.Join(m.root, clean)
 }