fix: harden sandbox media reads against TOCTOU escapes

Peter Steinberger
2026-03-02 01:03:40 +00:00
parent 4320cde91d
commit c823a85302
12 changed files with 223 additions and 27 deletions


@@ -4,7 +4,10 @@ import type { ImageContent } from "@mariozechner/pi-ai";
import { resolveUserPath } from "../../../utils.js";
import { loadWebMedia } from "../../../web/media.js";
import type { ImageSanitizationLimits } from "../../image-sanitization.js";
import { resolveSandboxedBridgeMediaPath } from "../../sandbox-media-paths.js";
import {
createSandboxBridgeReadFile,
resolveSandboxedBridgeMediaPath,
} from "../../sandbox-media-paths.js";
import { assertSandboxPath } from "../../sandbox-paths.js";
import type { SandboxFsBridge } from "../../sandbox/fs-bridge.js";
import { sanitizeImageBlocks } from "../../tool-images.js";
@@ -235,8 +238,7 @@ export async function loadImageFromRef(
? await loadWebMedia(targetPath, {
maxBytes: options.maxBytes,
sandboxValidated: true,
readFile: (filePath) =>
options.sandbox!.bridge.readFile({ filePath, cwd: options.sandbox!.root }),
readFile: createSandboxBridgeReadFile({ sandbox: options.sandbox }),
})
: await loadWebMedia(targetPath, options?.maxBytes);