sanitize agent sent file names to prevent path traversal

2026-04-30 10:33:46 +03:00
parent 34f3612877
commit 6e5e568da1
1 changed files with 5 additions and 0 deletions
--- a/src/session-manager.ts
+++ b/src/session-manager.ts
@@ -372,6 +372,11 @@ export function readOutboxFiles(
  if (!fs.existsSync(outboxDir)) return undefined;
  const files: OutboundFile[] = [];
  for (const filename of filenames) {
+    // Reject any name that isn't a bare basename before touching the filesystem.
+    if (!isSafeAttachmentName(filename)) {
+      log.warn('Refused unsafe outbox filename — would escape outbox', { messageId, filename });
+      continue;
+    }
    const filePath = path.join(outboxDir, filename);
    if (fs.existsSync(filePath)) {
      files.push({ filename, data: fs.readFileSync(filePath) });