Tighten path containment in Live Migration file route#367
Open
nvharikrishna wants to merge 2 commits into
Open
Tighten path containment in Live Migration file route#367nvharikrishna wants to merge 2 commits into
nvharikrishna wants to merge 2 commits into
Conversation
…based path traversal by validating that the canonical resolved path stays within the configured directory. Return clearer HTTP status codes - 400 for malformed URLs, 403 for symlink escapes, 404 for missing or excluded files - with consistent JSON error responses. Preserve operator-configured directory paths in exclusion matching and logs so behavior stays predictable when data dirs sit behind symlinks.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Making this change as part of CEP-40.
CASSSIDECAR-479 Tightens the path check on the Live Migration file route so that symlinks inside a data directory cannot point to files outside the configured directory.
Earlier, the route only checked the URL text for .. patterns. That check does not catch symlinks, so a symlink within the data dir could still resolve to a file elsewhere on disk. The route now also resolves the path with toRealPath() and confirms the resolved path stays inside the configured base directory.