github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-07 22:31:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor(media): harden localRoots bypass (#16739)

Browse Source 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 89dce69f50
Co-authored-by: steipete <58493+steipete@users.noreply.github.com>
Co-authored-by: steipete <58493+steipete@users.noreply.github.com>
Reviewed-by: @steipete
This commit is contained in:
Peter Steinberger
2026-02-15 03:27:01 +01:00
committed by GitHub
parent b607c41a52
commit 683aa09b55
9 changed files with 73 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/infra/outbound/message-action-params.ts
View File

@@ -1,3 +1,4 @@
import fs from "node:fs/promises";
import path from "node:path";
import { fileURLToPath } from "node:url";
import type {
@@ -200,8 +201,12 @@ async function hydrateAttachmentPayload(params: {
channel: params.channel,
accountId: params.accountId,
});
// localRoots: "any" — media paths are already validated by normalizeSandboxMediaList above.
const media = await loadWebMedia(mediaSource, maxBytes, { localRoots: "any" });
// mediaSource already validated by normalizeSandboxMediaList; allow bypass but force explicit readFile.
const media = await loadWebMedia(mediaSource, {
maxBytes,
sandboxValidated: true,
readFile: (filePath: string) => fs.readFile(filePath),
});
params.args.buffer = media.buffer.toString("base64");
if (!contentTypeParam && media.contentType) {
params.args.contentType = media.contentType;