fix(fs): prevent sandbox escape via TOCTOU fallback in RealFs::resolve #1040
Merged
The resolve() fallback path returned raw joined paths without traversal validation when the parent directory didn't exist. Add normalize_host_path() to logically resolve .. components on host paths, and validate containment in the fallback case. Add security tests for the fallback path. Closes #980
Summary
- RealFs::resolve() fallback path that returned raw joined paths without traversal validation when the parent directory didn't exist (issue #980: RealFs TOCTOU race condition in path resolution enables sandbox escape)
- normalize_host_path() helper that logically resolves .. components on host-side paths without touching the filesystem

Test plan
- resolve_fallback_validates_containment — non-existent path under root succeeds
- resolve_fallback_returns_normalized_path — fallback returns clean path without ..
- normalize_host_path_resolves_dotdot — .. components collapsed correctly
- normalize_host_path_preserves_absolute — absolute paths stay absolute
- security_traversal_blocked_all_paths — comprehensive traversal attempts fail
- security_nonexistent_nested_stays_under_root — nested writes create under root

Closes #980
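An illustration of the two pieces this PR describes, written here as an added Rust example rather than the project's own code: a normalize_host_path() that collapses `.` and `..` purely logically (so the check does not depend on filesystem state that can change between check and use), and a fallback resolver that validates containment instead of returning the raw join. The resolve_fallback name, its String error type and the convention that a leading '/' in the requested path is sandbox-relative are assumptions, not taken from the page.

```rust
use std::path::{Component, Path, PathBuf};

/// Logically collapse `.` and `..` components without touching the filesystem,
/// so the result does not depend on what exists on disk at check time.
/// Absolute paths stay absolute, and `..` never climbs above the root.
pub fn normalize_host_path(path: &Path) -> PathBuf {
    let mut stack: Vec<Component<'_>> = Vec::new();
    for comp in path.components() {
        match comp {
            Component::CurDir => {}
            Component::ParentDir => match stack.last() {
                // Pop a normal segment; at the root `..` is a no-op.
                Some(Component::Normal(_)) => { stack.pop(); }
                Some(Component::RootDir) | Some(Component::Prefix(_)) => {}
                // Relative path with nothing left to pop: keep the `..`.
                _ => stack.push(comp),
            },
            other => stack.push(other),
        }
    }
    stack.into_iter().collect()
}

/// Fallback used when the parent directory does not exist yet (assumed shape,
/// not the project's signature). Instead of returning the raw join, normalize
/// it and reject anything that no longer sits under `root`. The requested path
/// is treated as sandbox-relative, so a leading '/' is stripped, not honored.
pub fn resolve_fallback(root: &Path, requested: &str) -> Result<PathBuf, String> {
    let root = normalize_host_path(root);
    let candidate = normalize_host_path(&root.join(requested.trim_start_matches('/')));
    // Path::starts_with compares whole components, so "/sandbox2" is not under "/sandbox".
    if candidate.starts_with(&root) {
        Ok(candidate)
    } else {
        Err(format!("path escapes sandbox root: {}", candidate.display()))
    }
}

fn main() {
    let root = Path::new("/sandbox");
    for req in ["new/dir/file.txt", "../etc/passwd", "a/../../../etc/passwd"] {
        println!("{req:?} -> {:?}", resolve_fallback(root, req));
    }
}
```

The "new/dir/file.txt" case is the one the original fallback mishandled: no parent exists on disk, yet the result is still checked for containment before being returned.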