From 54d64d976284e8233cad32c364c963ffa23562e5 Mon Sep 17 00:00:00 2001
From: Simon Pinfold
Date: Thu, 18 Jun 2026 16:44:48 +1200
Subject: [PATCH] Reject Windows subfolder paths
Amp-Thread-ID: https://ampcode.com/threads/T-019ecf39-2e6f-747d-ae80-addba6b8e4f5
Co-authored-by: Amp
---
 app/assets/services/path_utils.py | 8 +++++++-
 tests-unit/assets_test/services/test_path_utils.py | 5 ++++-
 2 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/app/assets/services/path_utils.py b/app/assets/services/path_utils.py
index b6b87ba14..ac9ce152a 100644
--- a/app/assets/services/path_utils.py
+++ b/app/assets/services/path_utils.py
@@ -1,5 +1,5 @@
 import os
-from pathlib import Path
+from pathlib import Path, PureWindowsPath
 from typing import Literal
 import folder_paths
@@ -29,6 +29,12 @@ def _validate_subfolder(subfolder: str | None) -> list[str]:
 if not subfolder:
 return []
+ if "\\" in subfolder:
+ raise ValueError("invalid subfolder path")
+ windows_path = PureWindowsPath(subfolder)
+ if windows_path.drive or windows_path.root:
+ raise ValueError("invalid subfolder path")
+
 parts = Path(subfolder).parts
 invalid = {"", ".", ".."}
 if Path(subfolder).is_absolute() or any(part in invalid for part in parts):
diff --git a/tests-unit/assets_test/services/test_path_utils.py b/tests-unit/assets_test/services/test_path_utils.py
index 029d746d8..fe92896a8 100644
--- a/tests-unit/assets_test/services/test_path_utils.py
+++ b/tests-unit/assets_test/services/test_path_utils.py
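Review bot: The two new guards in `_validate_subfolder` raise the identical `ValueError("invalid subfolder path")` back to back; folding them into one condition gives a single rejection point and reads more clearly, e.g. `windows_path = PureWindowsPath(subfolder)` followed by `if "\\" in subfolder or windows_path.drive or windows_path.root:` and one `raise ValueError("invalid subfolder path")`. The block also needs a why-comment, because applying Windows path semantics on every host OS is not self-evident: `# Apply Windows path rules regardless of host OS: a backslash, a drive prefix (C:, //server/share) or a root would make the subfolder non-relative once it is joined to the base directory.` With these checks in front of it, the `Path(subfolder).is_absolute()` test on the last context line appears unable to be true any more (a leading `/` is already rejected as a Windows root), though keeping it as defence in depth is harmless. Reserved device names such as `CON` or `NUL` still pass the new checks; if the destination can live on a Windows host, `windows_path.is_reserved()` may be worth adding, noting that method is deprecated from Python 3.13. The function's signature and the remainder of its body lie outside the hunk.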
@@ -179,7 +179,10 @@ class TestResolveDestinationFromTags:
 assert base_dir == os.path.abspath(fake_dirs["input"])
 assert subdirs == ["foo", "bar"]
- @pytest.mark.parametrize("subfolder", ["../escape", "foo/../bar", "/abs", "foo\\bar"])
+ @pytest.mark.parametrize(
+ "subfolder",
+ ["../escape", "foo/../bar", "/abs", "foo\\bar", "C:/escape", "C:escape"],
+ )
 def test_explicit_subfolder_rejects_unsafe_paths(self, fake_dirs, subfolder: str):
 with pytest.raises(ValueError, match="invalid subfolder"):
 resolve_destination_from_tags(["input", "unit-tests"], subfolder=subfolder)
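Review bot: The added parametrised cases exercise the `windows_path.drive` branch only through a drive letter; a forward-slash UNC prefix such as `"//server/share/x"` is the other form `PureWindowsPath` reports as a drive and would pin that behaviour without relying on the backslash check, so adding it to the list alongside `"C:/escape"` is worthwhile. The enclosing class `TestResolveDestinationFromTags` starts outside the hunk.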