aljaz/goose
1
0
Fork 0
mirror of https://github.com/aljazceru/goose.git synced 2025-12-18 22:54:24 +01:00
Code Issues Packages Projects Releases Wiki Activity

Run cargo fmt (#3135)

Browse Source
This commit is contained in:
Jack Amadeo
2025-06-27 21:12:49 -04:00
committed by GitHub
parent 9380bd19e4
commit d7fa8aed5c
1 changed files with 31 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
crates/goose/src/session/storage.rs
View File

@@ -178,7 +178,11 @@ pub fn get_path(id: Identifier) -> Result<PathBuf> {
// Handle path validation with Windows-compatible logic // Handle path validation with Windows-compatible logic
let is_path_allowed = validate_path_within_session_dir(&path, &session_dir)?; let is_path_allowed = validate_path_within_session_dir(&path, &session_dir)?;
if !is_path_allowed { if !is_path_allowed {
tracing::warn!("Attempted access outside session directory: {:?} not within {:?}", path, session_dir); tracing::warn!(
"Attempted access outside session directory: {:?} not within {:?}",
path,
session_dir
);
return Err(anyhow::anyhow!("Path not allowed")); return Err(anyhow::anyhow!("Path not allowed"));
} }
@@ -205,7 +209,9 @@ pub fn get_path(id: Identifier) -> Result<PathBuf> {
/// - Drive letter casing inconsistencies /// - Drive letter casing inconsistencies
fn validate_path_within_session_dir(path: &Path, session_dir: &Path) -> Result<bool> { fn validate_path_within_session_dir(path: &Path, session_dir: &Path) -> Result<bool> {
// First, try the simple case - if canonicalization works cleanly // First, try the simple case - if canonicalization works cleanly
if let (Ok(canonical_path), Ok(canonical_session_dir)) = (path.canonicalize(), session_dir.canonicalize()) { if let (Ok(canonical_path), Ok(canonical_session_dir)) =
(path.canonicalize(), session_dir.canonicalize())
{
if canonical_path.starts_with(&canonical_session_dir) { if canonical_path.starts_with(&canonical_session_dir) {
return Ok(true); return Ok(true);
} }
@@ -1700,16 +1706,25 @@ mod tests {
// Test case 2: Invalid path outside session directory // Test case 2: Invalid path outside session directory
let invalid_path = temp_dir.path().join("outside.jsonl"); let invalid_path = temp_dir.path().join("outside.jsonl");
assert!(!validate_path_within_session_dir(&invalid_path, &session_dir)?); assert!(!validate_path_within_session_dir(
&invalid_path,
&session_dir
)?);
// Test case 3: Path with different separators (simulate Windows issue) // Test case 3: Path with different separators (simulate Windows issue)
let mixed_sep_path = session_dir.join("subdir").join("test.jsonl"); let mixed_sep_path = session_dir.join("subdir").join("test.jsonl");
fs::create_dir_all(mixed_sep_path.parent().unwrap())?; fs::create_dir_all(mixed_sep_path.parent().unwrap())?;
assert!(validate_path_within_session_dir(&mixed_sep_path, &session_dir)?); assert!(validate_path_within_session_dir(
&mixed_sep_path,
&session_dir
)?);
// Test case 4: Non-existent path within session directory // Test case 4: Non-existent path within session directory
let nonexistent_path = session_dir.join("nonexistent").join("test.jsonl"); let nonexistent_path = session_dir.join("nonexistent").join("test.jsonl");
assert!(validate_path_within_session_dir(&nonexistent_path, &session_dir)?); assert!(validate_path_within_session_dir(
&nonexistent_path,
&session_dir
)?);
Ok(()) Ok(())
} }