fix(security): lock sandbox tmp media paths to openclaw roots

This commit is contained in:
Peter Steinberger
2026-02-24 23:09:34 +00:00
parent bf8ca07deb
commit d3da67c7a9
13 changed files with 364 additions and 31 deletions


@@ -3,6 +3,7 @@ import os from "node:os";
import path from "node:path";
import { fileURLToPath, URL } from "node:url";
import { isNotFoundPathError, isPathInside } from "../infra/path-guards.js";
import { resolvePreferredOpenClawTmpDir } from "../infra/tmp-openclaw-dir.js";
const UNICODE_SPACES = /[\u00A0\u2000-\u200A\u202F\u205F\u3000]/g;
const HTTP_URL_RE = /^https?:\/\//i;
@@ -181,11 +182,11 @@ async function resolveAllowedTmpMediaPath(params: {
return undefined;
}
const resolved = path.resolve(resolveSandboxInputPath(params.candidate, params.sandboxRoot));
const tmpDir = path.resolve(os.tmpdir());
if (!isPathInside(tmpDir, resolved)) {
const openClawTmpDir = path.resolve(resolvePreferredOpenClawTmpDir());
if (!isPathInside(openClawTmpDir, resolved)) {
return undefined;
}
await assertNoSymlinkEscape(path.relative(tmpDir, resolved), tmpDir);
await assertNoSymlinkEscape(path.relative(openClawTmpDir, resolved), openClawTmpDir);
return resolved;
}
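Review bot: The new containment check at `if (!isPathInside(openClawTmpDir, resolved))` carries no comment explaining the tightened contract, and the commit title speaks of OpenClaw roots in the plural while only the single directory returned by resolvePreferredOpenClawTmpDir() is admitted here; if other OpenClaw tmp locations exist they are now rejected by this function, which is worth stating. I would add above the check `// Only the preferred OpenClaw tmp dir is an accepted root; a path under the bare os.tmpdir() is deliberately rejected now.` and above the assertNoSymlinkEscape call `// Containment above is lexical; this re-checks each component for a symlink that escapes the root.`. Whether isPathInside treats the root itself (resolved equal to openClawTmpDir) as inside is not visible in this hunk, and it decides whether a bare root path reaches the symlink check; the behaviour should be confirmed against path-guards.js. The signature and the early part of resolveAllowedTmpMediaPath's body are outside the hunk.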