🤖 fix: validate indexed filenames before deleting sound assets

---

_Generated with `mux` • Model: `openai:gpt-5.3-codex` • Thinking: `xhigh` • Cost: `1.41`_

<!-- mux-attribution: model=openai:gpt-5.3-codex thinking=xhigh costs=51.41 -->

Author: jaaydenh

src/node/services/eventSoundAssetService.test.ts

@@ -127,6 +127,43 @@ describe("EventSoundAssetService", () => {
     expect(await service.listAssets()).toEqual([]);
   });
 
+  it("removes tampered index entries without deleting files outside the asset directory", async () => {
+    const tamperedAssetId = "11111111-1111-1111-1111-111111111111.wav";
+    const outsidePath = path.join(tempMuxHome, "outside.txt");
+    await fsPromises.writeFile(outsidePath, "must-survive");
+
+    const assetsDirPath = path.join(tempMuxHome, "assets", "event-sounds");
+    const indexPath = path.join(assetsDirPath, "index.json");
+    await fsPromises.mkdir(assetsDirPath, { recursive: true });
+
+    await fsPromises.writeFile(
+      indexPath,
+      JSON.stringify(
+        {
+          version: 1,
+          assets: {
+            [tamperedAssetId]: {
+              assetId: tamperedAssetId,
+              fileName: "../../outside.txt",
+              originalName: "tampered.wav",
+              mimeType: "audio/wav",
+              sizeBytes: 1,
+              createdAt: new Date().toISOString(),
+            },
+          },
+        },
+        null,
+        2
+      ),
+      "utf-8"
+    );
+
+    await service.deleteAsset(tamperedAssetId);
+
+    expect(await fsPromises.readFile(outsidePath, "utf-8")).toBe("must-survive");
+    expect(await service.listAssets()).toEqual([]);
+  });
+
   it("treats deleteAsset for unknown ids as a no-op", async () => {
     await service.deleteAsset(KNOWN_MISSING_ASSET_ID);
   });

src/node/services/eventSoundAssetService.ts

@@ -266,6 +266,20 @@ export class EventSoundAssetService {
     }
   }
 
+  private resolveIndexedAssetFilePath(fileName: string): string | null {
+    if (!EVENT_SOUND_ASSET_ID_PATTERN.test(fileName)) {
+      return null;
+    }
+
+    const filePath = path.resolve(this.assetsDirPath, fileName);
+    const relative = path.relative(this.assetsDirPath, filePath);
+    if (relative.startsWith("..") || path.isAbsolute(relative)) {
+      return null;
+    }
+
+    return filePath;
+  }
+
   private async storeAsset(params: {
     bytes: Buffer;
     originalName: string;
@@ -356,8 +370,15 @@ export class EventSoundAssetService {
         return;
       }
 
-      const filePath = path.join(this.assetsDirPath, entry.fileName);
-      await fsPromises.rm(filePath, { force: true });
+      const filePath = this.resolveIndexedAssetFilePath(entry.fileName);
+      if (filePath) {
+        await fsPromises.rm(filePath, { force: true });
+      } else {
+        log.warn("Skipping event sound asset file deletion for invalid indexed filename", {
+          assetId,
+          fileName: entry.fileName,
+        });
+      }
 
       delete assets[assetId];
       await this.writeIndex(assets);
@@ -387,9 +408,8 @@ export class EventSoundAssetService {
       return null;
     }
 
-    const filePath = path.resolve(this.assetsDirPath, entry.fileName);
-    const relative = path.relative(this.assetsDirPath, filePath);
-    if (relative.startsWith("..") || path.isAbsolute(relative)) {
+    const filePath = this.resolveIndexedAssetFilePath(entry.fileName);
+    if (!filePath) {
       return null;
     }