fix: path for windows

ivklgn · ivklgn · commit e26badf16340 · 2026-05-13T00:32:24.000+05:00
diff --git a/internal/mcp/tools/common.go b/internal/mcp/tools/common.go
@@ -5,6 +5,7 @@ import (
 	"fmt"
 	"io/fs"
 	"os"
+	"path"
 	"path/filepath"
 	"slices"
 	"strings"
@@ -211,13 +212,20 @@ func stripFrontmatter(content string) string {
 
 // validateArchcorePath normalises and validates a document path.
 // It returns the cleaned path or an error if the path is invalid.
+//
+// Uses path.Clean (POSIX, forward-slash) rather than filepath.Clean because on
+// Windows filepath.Clean would re-introduce backslashes after ToSlash, breaking
+// the subsequent ".archcore/" prefix check.
 func validateArchcorePath(relPath string) (string, error) {
+	if filepath.IsAbs(relPath) {
+		return "", fmt.Errorf("invalid path: must be relative and within .archcore/")
+	}
 	relPath = filepath.ToSlash(relPath)
 	if !strings.HasPrefix(relPath, ".archcore/") {
 		return "", fmt.Errorf("invalid path: must start with \".archcore/\"")
 	}
-	cleaned := filepath.Clean(relPath)
-	if strings.HasPrefix(cleaned, "..") || filepath.IsAbs(cleaned) || !strings.HasPrefix(cleaned, ".archcore/") {
+	cleaned := path.Clean(relPath)
+	if strings.HasPrefix(cleaned, "..") || !strings.HasPrefix(cleaned, ".archcore/") {
 		return "", fmt.Errorf("invalid path: must be relative and within .archcore/")
 	}
 	return cleaned, nil
diff --git a/internal/mcp/tools/common_test.go b/internal/mcp/tools/common_test.go
@@ -508,3 +508,45 @@ func TestReadDocumentContent_WithTags(t *testing.T) {
 		t.Errorf("tags = %v, want [frontend]", doc.Tags)
 	}
 }
+
+func TestValidateArchcorePath(t *testing.T) {
+	t.Parallel()
+	cases := []struct {
+		name     string
+		input    string
+		want     string
+		wantErr  bool
+		errMatch string
+	}{
+		{name: "forward slashes", input: ".archcore/features/lfrom/x.doc.md", want: ".archcore/features/lfrom/x.doc.md"},
+		{name: "redundant segments cleaned", input: ".archcore/a/./b/../c.md", want: ".archcore/a/c.md"},
+		// Regression: filepath.Clean on Windows re-introduces backslashes, which
+		// broke the second prefix check. The cleaned output must always use
+		// forward slashes, regardless of platform.
+		{name: "output uses forward slashes", input: ".archcore/a/b.md", want: ".archcore/a/b.md"},
+		{name: "missing prefix", input: "features/lfrom/x.doc.md", wantErr: true, errMatch: "must start with"},
+		{name: "traversal escape", input: ".archcore/../etc/passwd", wantErr: true, errMatch: "must be relative"},
+		{name: "absolute unix", input: "/etc/passwd", wantErr: true, errMatch: "must be relative"},
+	}
+	for _, tc := range cases {
+		t.Run(tc.name, func(t *testing.T) {
+			t.Parallel()
+			got, err := validateArchcorePath(tc.input)
+			if tc.wantErr {
+				if err == nil {
+					t.Fatalf("expected error, got nil (result=%q)", got)
+				}
+				if tc.errMatch != "" && !strings.Contains(err.Error(), tc.errMatch) {
+					t.Errorf("error = %q, want substring %q", err.Error(), tc.errMatch)
+				}
+				return
+			}
+			if err != nil {
+				t.Fatalf("unexpected error: %v", err)
+			}
+			if got != tc.want {
+				t.Errorf("got %q, want %q", got, tc.want)
+			}
+		})
+	}
+}
