refactor(sandbox): unify tmp alias checks and dedupe hardlink tests

This commit is contained in:
Peter Steinberger
2026-02-25 02:01:12 +00:00
parent eb4a93a8db
commit c267b5edf6
2 changed files with 79 additions and 65 deletions


@@ -186,12 +186,19 @@ async function resolveAllowedTmpMediaPath(params: {
if (!isPathInside(openClawTmpDir, resolved)) {
return undefined;
}
await assertNoSymlinkEscape(path.relative(openClawTmpDir, resolved), openClawTmpDir);
await assertNoHardlinkedFinalPath(resolved, openClawTmpDir);
await assertNoTmpAliasEscape({ filePath: resolved, tmpRoot: openClawTmpDir });
return resolved;
}
async function assertNoHardlinkedFinalPath(filePath: string, root: string): Promise<void> {
async function assertNoTmpAliasEscape(params: {
filePath: string;
tmpRoot: string;
}): Promise<void> {
await assertNoSymlinkEscape(path.relative(params.tmpRoot, params.filePath), params.tmpRoot);
await assertNoHardlinkedFinalPath(params.filePath, params.tmpRoot);
}
async function assertNoHardlinkedFinalPath(filePath: string, tmpRoot: string): Promise<void> {
let stat: Awaited<ReturnType<typeof fs.stat>>;
try {
stat = await fs.stat(filePath);
@@ -206,7 +213,7 @@ async function assertNoHardlinkedFinalPath(filePath: string, root: string): Prom
}
if (stat.nlink > 1) {
throw new Error(
`Hardlinked tmp media path is not allowed under sandbox root (${shortPath(root)}): ${shortPath(filePath)}`,
`Hardlinked tmp media path is not allowed under tmp root (${shortPath(tmpRoot)}): ${shortPath(filePath)}`,
);
}
}
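Review bot: The new `assertNoTmpAliasEscape` has no doc comment, and its contract depends on ordering that is easy to break on a later edit: the symlink check must run first, because `fs.stat` in `assertNoHardlinkedFinalPath` follows symlinks, so the nlink test is only meaningful once the path is known to resolve inside `tmpRoot` (and `isPathInside` has already run in the caller). I would add above the declaration: `/** Rejects a tmp media path that reaches outside tmpRoot through a symlink component or a hardlinked final inode. Run only after isPathInside has passed; order matters because fs.stat follows symlinks. */`. Both checks are check-then-use: they validate the path that `resolveAllowedTmpMediaPath` returns, and whatever later opens that path presumably races with them, so the comment should also say the guard is best-effort against concurrent replacement unless the consumer re-validates on the opened handle. `resolveAllowedTmpMediaPath` begins before the hunk.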