Skip to content

Fix attachment path traversal#10

Draft
cursor[bot] wants to merge 1 commit into
mainfrom
cursor/critical-bug-investigation-b97d
Draft

Fix attachment path traversal#10
cursor[bot] wants to merge 1 commit into
mainfrom
cursor/critical-bug-investigation-b97d

Conversation

@cursor

@cursor cursor Bot commented Jun 13, 2026

Copy link
Copy Markdown

Bug and impact

A crafted chat_send_message image request could pass a traversal string as conversationId. The image was written under attachments/{conversationId} before the normal conversation existence check, allowing attacker-controlled image bytes to be written outside the Persistent Sage data directory before the chat failed.

Root cause

save_image_attachment interpolated conversation_id directly into a relative path and joined it to data_dir without validating that it was a single safe path segment or checking canonical containment.

Fix

  • Reject attachment conversation IDs containing path separators/traversal characters before any filesystem side effects.
  • Canonicalize and enforce attachment-root containment before writing.
  • Harden image reads with canonical containment checks.
  • Add regression tests for traversal rejection and valid attachment saves.

Validation

  • rustfmt --edition 2021 --check src/attachments.rs
  • rustup run stable cargo test attachment_path_tests --lib
  • rustup run stable cargo test --lib
Open in Web View Automation 

Co-authored-by: g00sifer Development Lab <g00siferdev-py@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant