Skip to content

Security: Potential path traversal when saving models to disk#1104

Open
tuanaiseo wants to merge 1 commit into
epfml:developfrom
tuanaiseo:contribai/fix/security/potential-path-traversal-when-saving-mod
Open

Security: Potential path traversal when saving models to disk#1104
tuanaiseo wants to merge 1 commit into
epfml:developfrom
tuanaiseo:contribai/fix/security/potential-path-traversal-when-saving-mod

Conversation

@tuanaiseo

Copy link
Copy Markdown

Problem

saveModelToDisk builds the output path via string interpolation (${modelFolder}/${modelFileName}) without sanitizing modelFileName. If user-controlled, attackers can inject ../ sequences or absolute paths to overwrite unintended files.

Severity: high
File: discojs-node/src/model_loader.ts

Solution

Use path.resolve/path.join and validate that the resolved path stays inside an allowed base directory. Reject path separators in modelFileName or enforce a safe filename regex.

Changes

  • discojs-node/src/model_loader.ts (modified)

Testing

  • Existing tests pass
  • Manual review completed
  • No new warnings/errors introduced
`saveModelToDisk` builds the output path via string interpolation (`${modelFolder}/${modelFileName}`) without sanitizing `modelFileName`. If user-controlled, attackers can inject `../` sequences or absolute paths to overwrite unintended files.

Affected files: model_loader.ts

Signed-off-by: tuanaiseo <221258316+tuanaiseo@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

1 participant