fix(filesystem): fix UNC path subdirectory access denied#3633
Open
ctonneslan wants to merge 1 commit intomodelcontextprotocol:mainfrom
Open
fix(filesystem): fix UNC path subdirectory access denied#3633ctonneslan wants to merge 1 commit intomodelcontextprotocol:mainfrom
ctonneslan wants to merge 1 commit intomodelcontextprotocol:mainfrom
Conversation
…pport isPathWithinAllowedDirectories used path.resolve(path.normalize()) directly, which can mangle UNC paths (\\server\share) by stripping the leading double backslash. The rest of the codebase uses normalizePath() which preserves UNC prefixes. Now uses normalizePath() for both the input path and allowed directory normalization, ensuring consistent handling of UNC paths in the subdirectory prefix check. Fixes modelcontextprotocol#3527
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
UNC paths like
\\192.168.4.96\Megawork at the root level but accessing any subdirectory (e.g.\\192.168.4.96\Mega\Drops) returns "Access denied - path outside allowed directories".Root Cause
isPathWithinAllowedDirectoriesinpath-validation.tsusespath.resolve(path.normalize(dir))directly, which can mangle UNC paths by stripping or altering the leading\\prefix. The rest of the codebase usesnormalizePath()which explicitly preserves UNC prefixes (seepath-utils.tslines 66-92).This means the allowed directory is normalized differently in the validation check than in the actual file operations, causing the
startsWith()prefix check to fail.Fix
Use
normalizePath()for both the input path and allowed directory normalization inisPathWithinAllowedDirectories, ensuring consistent UNC path handling.Fixes #3527