Fix flaky GXDBFilePathTest by deriving base through ResolveUri (#1292) #1295

Merged
claudiamurialdo merged 1 commit into release-1.36 from fix/flaky-gxdbfilepathtest-release-1.36
Jun 9, 2026
@claudiamurialdo

Collaborator

The assertion compared the resolved malicious path against Preferences.getBLOB_PATH() directly and used new Uri(newFileName), which throws "Invalid URI: The format of the URI could not be determined" when ResolveUri returns a relative path.

This happened intermittently: when a prior test in the same process sets GxContext.IsHttpContext = true (via GxNetCoreStartup), the cached blobPath gets rooted differently while ResolveUri can still re-resolve paths against the current working directory, making the StartsWith check fail (or new Uri throw) even when no real traversal occurred.

Use Uri.TryCreate(UriKind.Absolute) with a fallback so the resolution no longer throws, and derive the comparison base from ResolveUri of a known-safe filename, so both sides go through the same code path and share any environment-dependent rooting. The security invariant is unchanged: resolved malicious inputs must stay inside the blob/multimedia directory.

Backport of the test fix from #1272.

Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@claudiamurialdo claudiamurialdo temporarily deployed to kafka-integration-tests June 9, 2026 13:58 — with GitHub Actions Inactive
@claudiamurialdo claudiamurialdo had a problem deploying to external-storage-tests June 9, 2026 13:58 — with GitHub Actions Failure
@claudiamurialdo claudiamurialdo merged commit 2892719 into release-1.36 Jun 9, 2026
1 of 4 checks passed
@claudiamurialdo claudiamurialdo deleted the fix/flaky-gxdbfilepathtest-release-1.36 branch June 9, 2026 13:58
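
The comparison the description settles on, sketched as an added example that is not code from the PR or the project: `Resolve` is a hypothetical stand-in for the project's `ResolveUri`, and the directory and file names are constructed.

```csharp
using System;
using System.IO;

// Added illustration, not GeneXus code. Resolve() is a hypothetical stand-in for the
// resolver under test; "PublicTempStorage" is an assumed directory name.
public static class BlobPathInvariant
{
    // Stand-in resolver: keeps only the file name and joins it to the storage
    // directory. The result may be relative, as the PR describes for ResolveUri.
    public static string Resolve(string storageDir, string input) =>
        Path.Combine(storageDir, Path.GetFileName(input.Replace('\\', '/')));

    // Normalise without throwing: accept an absolute file URI, otherwise treat the
    // value as a local path and root it against the current directory.
    public static string ToAbsolute(string path)
    {
        bool isFileUri = Uri.TryCreate(path, UriKind.Absolute, out Uri uri) && uri.IsFile;
        return Path.GetFullPath(isFileUri ? uri.LocalPath : path);
    }

    // True when the resolved input stays under the directory that the same
    // resolver assigns to a known-safe file name.
    public static bool StaysInside(string storageDir, string input)
    {
        string safe = ToAbsolute(Resolve(storageDir, "safe.txt"));
        string baseDir = Path.GetDirectoryName(safe) + Path.DirectorySeparatorChar;
        string candidate = ToAbsolute(Resolve(storageDir, input));
        // Trailing separator prevents "blobs-other/x" matching base "blobs".
        return candidate.StartsWith(baseDir, StringComparison.Ordinal);
    }

    public static void Main()
    {
        // Constructed inputs; the relative storage dir mimics a non-rooted blob path.
        foreach (string dir in new[] { "PublicTempStorage", Path.GetFullPath("PublicTempStorage") })
            foreach (string input in new[] { "report.pdf", "../../etc/passwd", "..\\..\\web.config" })
                Console.WriteLine($"{dir} | {input} -> {StaysInside(dir, input)}");
    }
}
```

Because the base directory and the candidate both pass through `Resolve` and `ToAbsolute`, a change in how the storage directory is rooted shifts both sides together and the containment check stays meaningful.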