fix(core): Canonicalize paths via realpath; add escaping regression test

antonis · claude · antonis · commit 4e745bd13870 · 2026-04-24T16:10:24.000+02:00
- metroMiddleware: run realpath on both the allowed roots and each frame filename so a symlink inside an allowed root pointing outside cannot escape the containment check. Reject frames whose realpath fails. - sentryReleaseInjector: add a test asserting JSON.stringify escaping, so a future refactor cannot silently regress to unescaped interpolation. - Drop unneeded config cast now that InputConfigT exposes projectRoot and watchFolders directly. Addresses review feedback on #6044. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
diff --git a/packages/core/src/js/tools/metroMiddleware.ts b/packages/core/src/js/tools/metroMiddleware.ts
@@ -3,7 +3,7 @@ import type { IncomingMessage, ServerResponse } from 'http';
 import type { InputConfigT, Middleware } from 'metro-config';
 
 import { addContextToFrame, debug } from '@sentry/core';
-import { readFile } from 'fs';
+import { readFile, realpath, realpathSync } from 'fs';
 import * as path from 'path';
 import { promisify } from 'util';
 
@@ -12,17 +12,26 @@ import { getRawBody } from '../metro/getRawBody';
 import { openURLMiddleware } from '../metro/openUrlMiddleware';
 
 const readFileAsync = promisify(readFile);
+const realpathAsync = promisify(realpath);
 
 /**
  * Accepts Sentry formatted stack frames and
  * adds source context to the in app frames.
  *
  * Relative filenames are resolved against the first entry in `allowedRoots`.
- * A resolved filename must be contained in at least one of `allowedRoots`
- * (project root plus any Metro `watchFolders`).
+ * Both the resolved filename and the allowed roots are canonicalized via
+ * `fs.realpath`, so a symlink inside an allowed root pointing outside of it
+ * cannot escape the containment check.
  */
 export const createStackFramesContextMiddleware = (allowedRoots: string[]): Middleware => {
-  const normalizedRoots = allowedRoots.map(root => path.resolve(root));
+  const canonicalRoots = allowedRoots.map(root => {
+    const resolved = path.resolve(root);
+    try {
+      return realpathSync(resolved);
+    } catch {
+      return resolved;
+    }
+  });
 
   return async (request: IncomingMessage, response: ServerResponse, _next: () => void): Promise<void> => {
     debug.log('[@sentry/react-native/metro] Received request for stack frames context.');
@@ -47,15 +56,15 @@ export const createStackFramesContextMiddleware = (allowedRoots: string[]): Midd
       return;
     }
 
-    const stackWithSourceContext = await Promise.all(stack.map(frame => addSourceContext(frame, normalizedRoots)));
+    const stackWithSourceContext = await Promise.all(stack.map(frame => addSourceContext(frame, canonicalRoots)));
     response.setHeader('Content-Type', 'application/json');
     response.statusCode = 200;
     response.end(JSON.stringify({ stack: stackWithSourceContext }));
     debug.log('[@sentry/react-native/metro] Sent stack frames context.');
   };
 };
 
-async function addSourceContext(frame: StackFrame, allowedRoots: string[]): Promise<StackFrame> {
+async function addSourceContext(frame: StackFrame, canonicalRoots: string[]): Promise<StackFrame> {
   if (!frame.in_app) {
     return frame;
   }
@@ -66,22 +75,30 @@ async function addSourceContext(frame: StackFrame, allowedRoots: string[]): Prom
       return frame;
     }
 
-    if (allowedRoots.length === 0) {
+    if (canonicalRoots.length === 0) {
       debug.warn('[@sentry/react-native/metro] Skipping frame: no allowed roots configured.');
       return frame;
     }
 
-    const resolvedPath = path.resolve(allowedRoots[0]!, frame.filename);
-    const isInside = allowedRoots.some(root => {
-      const relative = path.relative(root, resolvedPath);
+    const resolvedPath = path.resolve(canonicalRoots[0]!, frame.filename);
+    let canonicalPath: string;
+    try {
+      canonicalPath = await realpathAsync(resolvedPath);
+    } catch {
+      debug.warn('[@sentry/react-native/metro] Skipping frame: could not canonicalize filename.');
+      return frame;
+    }
+
+    const isInside = canonicalRoots.some(root => {
+      const relative = path.relative(root, canonicalPath);
       return relative !== '' && !relative.startsWith('..') && !path.isAbsolute(relative);
     });
     if (!isInside) {
       debug.warn('[@sentry/react-native/metro] Skipping frame whose filename is outside the allowed roots.');
       return frame;
     }
 
-    const source = await readFileAsync(resolvedPath, { encoding: 'utf8' });
+    const source = await readFileAsync(canonicalPath, { encoding: 'utf8' });
     const lines = source.split('\n');
     addContextToFrame(lines, frame);
   } catch (error) {
@@ -127,9 +144,8 @@ export const withSentryMiddleware = (config: InputConfigT): InputConfigT => {
     config.server = {};
   }
 
-  const typedConfig = config as { projectRoot?: string; watchFolders?: readonly string[] };
-  const projectRoot = typedConfig.projectRoot || process.cwd();
-  const watchFolders = typedConfig.watchFolders || [];
+  const projectRoot = config.projectRoot || process.cwd();
+  const watchFolders = config.watchFolders || [];
   const allowedRoots = [projectRoot, ...watchFolders];
 
   const originalEnhanceMiddleware = config.server.enhanceMiddleware;
diff --git a/packages/core/test/tools/metroMiddleware.test.ts b/packages/core/test/tools/metroMiddleware.test.ts
@@ -15,6 +15,8 @@ jest.mock('../../src/js/tools/metroMiddleware', () => jest.requireActual('../../
 jest.mock('fs', () => {
   return {
     readFile: jest.fn(),
+    realpath: jest.fn((p: string, cb: (err: NodeJS.ErrnoException | null, resolved: string) => void) => cb(null, p)),
+    realpathSync: jest.fn((p: string) => p),
   };
 });
 
@@ -130,6 +132,12 @@ describe('metroMiddleware', () => {
     let testData: string = '';
 
     beforeEach(() => {
+      // afterEach resetAllMocks wipes the default fs impls installed via jest.mock, so reinstate.
+      (fs.realpath as unknown as jest.Mock).mockImplementation(
+        (p: string, cb: (err: NodeJS.ErrnoException | null, resolved: string) => void) => cb(null, p),
+      );
+      (fs.realpathSync as unknown as jest.Mock).mockImplementation((p: string) => p);
+
       request = {
         setEncoding: jest.fn(),
         on: jest.fn((event: string, cb: (data?: string) => void) => {
@@ -371,6 +379,61 @@ describe('metroMiddleware', () => {
       });
     });
 
+    it('should skip frames whose realpath resolves outside the allowed roots', async () => {
+      const realpathSpy = jest.spyOn(fs, 'realpath') as unknown as jest.Mock;
+      const readFileSpy = jest.spyOn(fs, 'readFile');
+
+      // Simulate a symlink: the file lives at <project>/link/file.js inside the project,
+      // but its realpath is /etc/shadow — outside every allowed root.
+      realpathSpy.mockImplementationOnce(
+        (_p: string, cb: (err: NodeJS.ErrnoException | null, resolved: string) => void) => cb(null, '/etc/shadow'),
+      );
+
+      testData = JSON.stringify({
+        stack: [
+          {
+            in_app: true,
+            filename: 'link/file.js',
+            function: 'testFunction',
+            lineno: 1,
+            colno: 1,
+          },
+        ],
+      } satisfies { stack: StackFrame[] });
+
+      await stackFramesContextMiddleware(request, response, next);
+
+      expect(readFileSpy).not.toHaveBeenCalled();
+      expect(response.statusCode).toBe(200);
+    });
+
+    it('should skip frames whose realpath cannot be resolved', async () => {
+      const realpathSpy = jest.spyOn(fs, 'realpath') as unknown as jest.Mock;
+      const readFileSpy = jest.spyOn(fs, 'readFile');
+
+      const enoent: NodeJS.ErrnoException = Object.assign(new Error('ENOENT'), { code: 'ENOENT' });
+      realpathSpy.mockImplementationOnce(
+        (_p: string, cb: (err: NodeJS.ErrnoException | null, resolved: string) => void) => cb(enoent, ''),
+      );
+
+      testData = JSON.stringify({
+        stack: [
+          {
+            in_app: true,
+            filename: 'missing.js',
+            function: 'testFunction',
+            lineno: 1,
+            colno: 1,
+          },
+        ],
+      } satisfies { stack: StackFrame[] });
+
+      await stackFramesContextMiddleware(request, response, next);
+
+      expect(readFileSpy).not.toHaveBeenCalled();
+      expect(response.statusCode).toBe(200);
+    });
+
     it('should handle mixed frame types correctly', async () => {
       const readFileSpy = jest.spyOn(fs, 'readFile');
       mockReadFileOnce(readFileSpy, path.join(TEST_PROJECT_ROOT, 'app1.js'), 'line1\nline2\nline3\nline4\nline5');
diff --git a/packages/core/test/tools/sentryReleaseInjector.test.ts b/packages/core/test/tools/sentryReleaseInjector.test.ts
@@ -47,4 +47,25 @@ describe('Sentry Release Injector', () => {
       'var SENTRY_RELEASE;SENTRY_RELEASE={name: "TestApp", version: "1.0.0"};',
     );
   });
+
+  test('unstableReleaseConstantsPlugin escapes values that would break out of the string literal', () => {
+    mockedExpoConfigRequire.mockReturnValue({
+      exp: {
+        name: 'App", evil();//',
+        version: '1.0\\"',
+      },
+    });
+    const projectRoot = '/some/project/root';
+    const graph = {
+      transformOptions: { platform: 'web' },
+    } as unknown as ReadOnlyGraph<MixedOutput>;
+    const premodules = [{ path: 'someModule.js' }] as Module[];
+
+    const plugin = unstableReleaseConstantsPlugin(projectRoot);
+    const result = plugin({ graph, premodules });
+
+    expect(result[0]?.getSource().toString()).toEqual(
+      'var SENTRY_RELEASE;SENTRY_RELEASE={name: "App\\", evil();//", version: "1.0\\\\\\""};',
+    );
+  });
 });
