From dc041b42fc253c77a968db6e2dc8f160adea4188 Mon Sep 17 00:00:00 2001
From: m957ymj75urz <m957ymj75urz@gmail.com>
Date: Tue, 14 Mar 2023 09:27:53 +0100
Subject: [PATCH] switch to realpath to check path traversal

---
 nodes.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nodes.py b/nodes.py
index dbbe9eba7..e7c212c8d 100644
--- a/nodes.py
+++ b/nodes.py
@@ -806,7 +806,7 @@ class SaveImage:
         comfy_output_folder = os.path.join(os.path.dirname(os.path.realpath(__file__)), "output")
         full_output_folder = os.path.join(comfy_output_folder, subfolder) 
 
-        if os.path.commonpath((comfy_output_folder, os.path.abspath(full_output_folder))) != comfy_output_folder:
+        if os.path.commonpath((comfy_output_folder, os.path.realpath(full_output_folder))) != comfy_output_folder:
             print("Saving image outside the output folder is not allowed.")
             return