fix(security): fail-close node camera URL downloads

2026-05-23 07:08:11 +00:00 · 2026-03-02 23:23:30 +00:00
parent 7365aefa19
commit 3bf19d6f40
9 changed files with 302 additions and 74 deletions
--- a/src/cli/nodes-camera.ts
+++ b/src/cli/nodes-camera.ts
@@ -1,5 +1,7 @@
 import * as fs from "node:fs/promises";
 import * as path from "node:path";
+import { fetchWithSsrFGuard } from "../infra/net/fetch-guard.js";
+import { normalizeHostname } from "../infra/net/hostname.js";
 import { resolveCliName } from "./cli-name.js";
 import {
  asBoolean,
@@ -72,64 +74,103 @@ export function cameraTempPath(opts: {
  return path.join(tmpDir, `${cliName}-camera-${opts.kind}${facingPart}-${id}${ext}`);
 }

-export async function writeUrlToFile(filePath: string, url: string) {
+export async function writeUrlToFile(
+  filePath: string,
+  url: string,
+  opts: { expectedHost: string },
+) {
  const parsed = new URL(url);
  if (parsed.protocol !== "https:") {
    throw new Error(`writeUrlToFile: only https URLs are allowed, got ${parsed.protocol}`);
  }
-
-  const res = await fetch(url);
-  if (!res.ok) {
-    throw new Error(`failed to download ${url}: ${res.status} ${res.statusText}`);
+  const expectedHost = normalizeHostname(opts.expectedHost);
+  if (!expectedHost) {
+    throw new Error("writeUrlToFile: expectedHost is required");
  }
-
-  const contentLengthRaw = res.headers.get("content-length");
-  const contentLength = contentLengthRaw ? Number.parseInt(contentLengthRaw, 10) : undefined;
-  if (
-    typeof contentLength === "number" &&
-    Number.isFinite(contentLength) &&
-    contentLength > MAX_CAMERA_URL_DOWNLOAD_BYTES
-  ) {
+  if (normalizeHostname(parsed.hostname) !== expectedHost) {
    throw new Error(
-      `writeUrlToFile: content-length ${contentLength} exceeds max ${MAX_CAMERA_URL_DOWNLOAD_BYTES}`,
+      `writeUrlToFile: url host ${parsed.hostname} must match node host ${opts.expectedHost}`,
    );
  }

-  const body = res.body;
-  if (!body) {
-    throw new Error(`failed to download ${url}: empty response body`);
-  }
+  const policy = {
+    allowPrivateNetwork: true,
+    allowedHostnames: [expectedHost],
+    hostnameAllowlist: [expectedHost],
+  };

-  const fileHandle = await fs.open(filePath, "w");
+  let release: () => Promise<void> = async () => {};
  let bytes = 0;
-  let thrown: unknown;
  try {
-    const reader = body.getReader();
-    while (true) {
-      const { done, value } = await reader.read();
-      if (done) {
-        break;
-      }
-      if (!value || value.byteLength === 0) {
-        continue;
-      }
-      bytes += value.byteLength;
-      if (bytes > MAX_CAMERA_URL_DOWNLOAD_BYTES) {
-        throw new Error(
-          `writeUrlToFile: downloaded ${bytes} bytes, exceeds max ${MAX_CAMERA_URL_DOWNLOAD_BYTES}`,
-        );
-      }
-      await fileHandle.write(value);
+    const guarded = await fetchWithSsrFGuard({
+      url,
+      auditContext: "writeUrlToFile",
+      policy,
+    });
+    release = guarded.release;
+    const finalUrl = new URL(guarded.finalUrl);
+    if (finalUrl.protocol !== "https:") {
+      throw new Error(`writeUrlToFile: redirect resolved to non-https URL ${guarded.finalUrl}`);
+    }
+    if (normalizeHostname(finalUrl.hostname) !== expectedHost) {
+      throw new Error(
+        `writeUrlToFile: redirect host ${finalUrl.hostname} must match node host ${opts.expectedHost}`,
+      );
+    }
+    const res = guarded.response;
+    if (!res.ok) {
+      throw new Error(`failed to download ${url}: ${res.status} ${res.statusText}`);
    }
-  } catch (err) {
-    thrown = err;
-  } finally {
-    await fileHandle.close();
-  }

-  if (thrown) {
-    await fs.unlink(filePath).catch(() => {});
-    throw thrown;
+    const contentLengthRaw = res.headers.get("content-length");
+    const contentLength = contentLengthRaw ? Number.parseInt(contentLengthRaw, 10) : undefined;
+    if (
+      typeof contentLength === "number" &&
+      Number.isFinite(contentLength) &&
+      contentLength > MAX_CAMERA_URL_DOWNLOAD_BYTES
+    ) {
+      throw new Error(
+        `writeUrlToFile: content-length ${contentLength} exceeds max ${MAX_CAMERA_URL_DOWNLOAD_BYTES}`,
+      );
+    }
+
+    const body = res.body;
+    if (!body) {
+      throw new Error(`failed to download ${url}: empty response body`);
+    }
+
+    const fileHandle = await fs.open(filePath, "w");
+    let thrown: unknown;
+    try {
+      const reader = body.getReader();
+      while (true) {
+        const { done, value } = await reader.read();
+        if (done) {
+          break;
+        }
+        if (!value || value.byteLength === 0) {
+          continue;
+        }
+        bytes += value.byteLength;
+        if (bytes > MAX_CAMERA_URL_DOWNLOAD_BYTES) {
+          throw new Error(
+            `writeUrlToFile: downloaded ${bytes} bytes, exceeds max ${MAX_CAMERA_URL_DOWNLOAD_BYTES}`,
+          );
+        }
+        await fileHandle.write(value);
+      }
+    } catch (err) {
+      thrown = err;
+    } finally {
+      await fileHandle.close();
+    }
+
+    if (thrown) {
+      await fs.unlink(filePath).catch(() => {});
+      throw thrown;
+    }
+  } finally {
+    await release();
  }

  return { path: filePath, bytes };
@@ -146,6 +187,7 @@ export async function writeCameraClipPayloadToFile(params: {
  facing: CameraFacing;
  tmpDir?: string;
  id?: string;
+  expectedHost?: string;
 }): Promise<string> {
  const filePath = cameraTempPath({
    kind: "clip",
@@ -155,7 +197,10 @@ export async function writeCameraClipPayloadToFile(params: {
    id: params.id,
  });
  if (params.payload.url) {
-    await writeUrlToFile(filePath, params.payload.url);
+    if (!params.expectedHost) {
+      throw new Error("camera URL payload requires node remoteIp");
+    }
+    await writeUrlToFile(filePath, params.payload.url, { expectedHost: params.expectedHost });
  } else if (params.payload.base64) {
    await writeBase64ToFile(filePath, params.payload.base64);
  } else {