Bugfix/arbitrary create attachemnt file upload (#4171)

fix arbitrary create attachemnt file upload
2026-06-28 17:01:00 +03:00 · 2025-03-13 19:46:27 +00:00
parent c6968ff385
commit c2b830f279
5 changed files with 59 additions and 16 deletions
@@ -10,3 +10,4 @@ export * from './speechToText'
 export * from './storageUtils'
 export * from './handler'
 export * from './followUpPrompts'
+export * from './validator'
@@ -77,7 +77,7 @@ export const addArrayFilesToStorage = async (mime: string, bf: Buffer, fileName:
        fileNames.push(sanitizedFilename)
        return 'FILE-STORAGE::' + JSON.stringify(fileNames)
    } else {
-        const dir = path.join(getStoragePath(), ...paths)
+        const dir = path.join(getStoragePath(), ...paths.map(_sanitizeFilename))
        if (!fs.existsSync(dir)) {
            fs.mkdirSync(dir, { recursive: true })
        }
@@ -110,7 +110,7 @@ export const addSingleFileToStorage = async (mime: string, bf: Buffer, fileName:
        await s3Client.send(putObjCmd)
        return 'FILE-STORAGE::' + sanitizedFilename
    } else {
-        const dir = path.join(getStoragePath(), ...paths)
+        const dir = path.join(getStoragePath(), ...paths.map(_sanitizeFilename))
        if (!fs.existsSync(dir)) {
            fs.mkdirSync(dir, { recursive: true })
        }
@@ -180,7 +180,7 @@ export const getFileFromStorage = async (file: string, ...paths: string[]): Prom
        const buffer = Buffer.concat(response.Body.toArray())
        return buffer
    } else {
-        const fileInStorage = path.join(getStoragePath(), ...paths, sanitizedFilename)
+        const fileInStorage = path.join(getStoragePath(), ...paths.map(_sanitizeFilename), sanitizedFilename)
        return fs.readFileSync(fileInStorage)
    }
 }
@@ -209,7 +209,7 @@ export const removeFilesFromStorage = async (...paths: string[]) => {
        }
        await _deleteS3Folder(Key)
    } else {
-        const directory = path.join(getStoragePath(), ...paths)
+        const directory = path.join(getStoragePath(), ...paths.map(_sanitizeFilename))
        _deleteLocalFolderRecursive(directory)
    }
 }
@@ -243,7 +243,7 @@ export const removeSpecificFileFromStorage = async (...paths: string[]) => {
            const sanitizedFilename = _sanitizeFilename(fileName)
            paths.push(sanitizedFilename)
        }
-        const file = path.join(getStoragePath(), ...paths)
+        const file = path.join(getStoragePath(), ...paths.map(_sanitizeFilename))
        fs.unlinkSync(file)
    }
 }
@@ -258,7 +258,7 @@ export const removeFolderFromStorage = async (...paths: string[]) => {
        }
        await _deleteS3Folder(Key)
    } else {
-        const directory = path.join(getStoragePath(), ...paths)
+        const directory = path.join(getStoragePath(), ...paths.map(_sanitizeFilename))
        _deleteLocalFolderRecursive(directory, true)
    }
 }
@@ -0,0 +1,29 @@
+/**
+ * Validates if a string is a valid UUID v4
+ * @param {string} uuid The string to validate
+ * @returns {boolean} True if valid UUID, false otherwise
+ */
+export const isValidUUID = (uuid: string): boolean => {
+    // UUID v4 regex pattern
+    const uuidV4Pattern = /^[0-9a-f]{8}-[0-9a-f]{4}-4[0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i
+    return uuidV4Pattern.test(uuid)
+}
+
+/**
+ * Validates if a string contains path traversal attempts
+ * @param {string} path The string to validate
+ * @returns {boolean} True if path traversal detected, false otherwise
+ */
+export const isPathTraversal = (path: string): boolean => {
+    // Check for common path traversal patterns
+    const dangerousPatterns = [
+        '..', // Directory traversal
+        '/', // Root directory
+        '\\', // Windows root directory
+        '%2e', // URL encoded .
+        '%2f', // URL encoded /
+        '%5c' // URL encoded \
+    ]
+
+    return dangerousPatterns.some((pattern) => path.toLowerCase().includes(pattern))
+}