github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-08 11:11:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(sandbox): reject hardlinked tmp media aliases

Browse Source
This commit is contained in:
Brian Mendonca
2026-02-24 14:26:17 -07:00
committed by Peter Steinberger
parent a01849e163
commit 22689b9dc9
2 changed files with 97 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
src/agents/sandbox-paths.ts
View File

@@ -187,9 +187,30 @@ async function resolveAllowedTmpMediaPath(params: {
return undefined;
}
await assertNoSymlinkEscape(path.relative(openClawTmpDir, resolved), openClawTmpDir);
await assertNoHardlinkedFinalPath(resolved, openClawTmpDir);
return resolved;
}
async function assertNoHardlinkedFinalPath(filePath: string, root: string): Promise<void> {
let stat: Awaited<ReturnType<typeof fs.stat>>;
try {
stat = await fs.stat(filePath);
} catch (err) {
if (isNotFoundPathError(err)) {
return;
}
throw err;
}
if (!stat.isFile()) {
return;
}
if (stat.nlink > 1) {
throw new Error(
`Hardlinked tmp media path is not allowed under sandbox root (${shortPath(root)}): ${shortPath(filePath)}`,
);
}
}
async function assertNoSymlinkEscape(
relative: string,
root: string,