Include the security fixes from sourcebot-dev#1134

Gavin Williams · fatmcgav · commit 0944a80c174a · 2026-04-20T21:45:26.000+01:00
diff --git a/packages/web/src/features/agents/review-agent/app.ts b/packages/web/src/features/agents/review-agent/app.ts
@@ -3,6 +3,7 @@ import { Gitlab } from "@gitbeaker/rest";
 import { generatePrReviews } from "@/features/agents/review-agent/nodes/generatePrReview";
 import { githubPushPrReviews } from "@/features/agents/review-agent/nodes/githubPushPrReviews";
 import { githubPrParser } from "@/features/agents/review-agent/nodes/githubPrParser";
+import { getReviewAgentLogDir } from "@/features/agents/review-agent/nodes/invokeDiffReviewLlm";
 import { gitlabMrParser } from "@/features/agents/review-agent/nodes/gitlabMrParser";
 import { gitlabPushMrReviews } from "@/features/agents/review-agent/nodes/gitlabPushMrReviews";
 import { GitHubPullRequest, GitLabMergeRequestPayload } from "@/features/agents/review-agent/types";
@@ -28,7 +29,7 @@ function getReviewAgentLogPath(identifier: string): string | undefined {
         return undefined;
     }
 
-    const reviewAgentLogDir = path.join(env.DATA_CACHE_DIR, "review-agent");
+    const reviewAgentLogDir = getReviewAgentLogDir();
     if (!fs.existsSync(reviewAgentLogDir)) {
         fs.mkdirSync(reviewAgentLogDir, { recursive: true });
     }
diff --git a/packages/web/src/features/agents/review-agent/nodes/invokeDiffReviewLlm.ts b/packages/web/src/features/agents/review-agent/nodes/invokeDiffReviewLlm.ts
@@ -3,10 +3,23 @@ import { getAISDKLanguageModelAndOptions, getConfiguredLanguageModels } from "@/
 import { env } from "@sourcebot/shared";
 import { generateText } from "ai";
 import fs from "fs";
+import path from "path";
 import { createLogger } from "@sourcebot/shared";
 
 const logger = createLogger('invoke-diff-review-llm');
 
+export const getReviewAgentLogDir = (): string => {
+    return path.join(env.DATA_CACHE_DIR, 'review-agent');
+};
+
+const validateLogPath = (logPath: string): void => {
+    const resolved = path.resolve(logPath);
+    const logDir = getReviewAgentLogDir();
+    if (!resolved.startsWith(logDir + path.sep)) {
+        throw new Error('reviewAgentLogPath escapes log directory');
+    }
+};
+
 export const invokeDiffReviewLlm = async (reviewAgentLogPath: string | undefined, prompt: string): Promise<sourcebot_file_diff_review> => {
     logger.debug("Executing invoke_diff_review_llm");
 
@@ -28,6 +41,7 @@ export const invokeDiffReviewLlm = async (reviewAgentLogPath: string | undefined
     const { model, providerOptions, temperature } = await getAISDKLanguageModelAndOptions(selectedModel);
 
     if (reviewAgentLogPath) {
+        validateLogPath(reviewAgentLogPath);
         fs.appendFileSync(reviewAgentLogPath, `\n\nPrompt:\n${prompt}`);
     }
 
@@ -42,6 +56,7 @@ export const invokeDiffReviewLlm = async (reviewAgentLogPath: string | undefined
 
         const responseText = result.text;
         if (reviewAgentLogPath) {
+            validateLogPath(reviewAgentLogPath);
             fs.appendFileSync(reviewAgentLogPath, `\n\nResponse:\n${responseText}`);
         }
 
