Prevent Path Traversal

sanitizePath Function: This function checks if the file path is valid and safely contained within an allowed directory. It converts the path to an absolute path, resolves any symlinks, and checks if the path starts with the specified allowed directory.
filecoin-project · Aug 11, 2024 · daf136f · daf136f
1 parent c4ac18f
commit daf136f
Showing 1 changed file with 26 additions and 1 deletion.
diff --git a/venus-devtool/inline-gen/main.go b/venus-devtool/inline-gen/main.go
@@ -20,7 +20,13 @@ const (
 var data = map[string]interface{}{}
 
 func main() {
-	db, err := os.ReadFile(os.Args[2])
+	// Validate and sanitize the file path
+	jsonFilePath, err := sanitizePath(os.Args[2])
+	if err != nil {
+		log.Fatalf("Invalid file path: %v", err)
+	}
+
+	db, err := os.ReadFile(jsonFilePath)
 	if err != nil {
 		log.Fatalf("Error reading file: %v", err)
 	}
@@ -34,6 +40,25 @@ func main() {
 	}
 }
 
+func sanitizePath(p string) (string, error) {
+	// Ensure the path is absolute
+	absPath, err := filepath.Abs(p)
+	if err != nil {
+		return "", err
+	}
+
+	// Resolve any symlinks and clean the path
+	cleanPath := filepath.Clean(absPath)
+
+	// Check if the path is within a specific allowed directory
+	allowedDir := "/your/safe/directory"
+	if !strings.HasPrefix(cleanPath, allowedDir) {
+		return "", fmt.Errorf("attempted path traversal outside of allowed directory")
+	}
+
+	return cleanPath, nil
+}
+
 func processFile(path string, info os.FileInfo, err error) error {
 	if err != nil {
 		return err