github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-10 10:42:43 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(sandbox): normalize /workspace media paths to host sandbox root

Browse Source 
Co-authored-by: echo931 <echo931@users.noreply.github.com>
This commit is contained in:
Peter Steinberger
2026-02-22 20:30:48 +01:00
parent 0932adf361
commit eefbf3dc5a
4 changed files with 74 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
src/agents/sandbox-paths.test.ts
View File

@@ -62,6 +62,26 @@ describe("resolveSandboxedMediaSource", () => {
});
});
it("maps container /workspace absolute paths into sandbox root", async () => {
await withSandboxRoot(async (sandboxDir) => {
const result = await resolveSandboxedMediaSource({
media: "/workspace/media/pic.png",
sandboxRoot: sandboxDir,
});
expect(result).toBe(path.join(sandboxDir, "media", "pic.png"));
});
});
it("maps file:// URLs under /workspace into sandbox root", async () => {
await withSandboxRoot(async (sandboxDir) => {
const result = await resolveSandboxedMediaSource({
media: "file:///workspace/media/pic.png",
sandboxRoot: sandboxDir,
});
expect(result).toBe(path.join(sandboxDir, "media", "pic.png"));
});
});
// Group 3: Rejections (security)
it.each([
{
@@ -69,6 +89,11 @@ describe("resolveSandboxedMediaSource", () => {
media: "/etc/passwd",
expected: /sandbox/i,
},
{
name: "paths under similarly named container roots",
media: "/workspace-two/secret.txt",
expected: /sandbox/i,
},
{
name: "path traversal through tmpdir",
media: path.join(os.tmpdir(), "..", "etc", "passwd"),