fix(evaluation): Prevent path traversal in local eval managers

This commit adds a strict validation regex (^[a-zA-Z0-9_\-\.]+$) and explicit `..` checks for app_name, eval_set_id, eval_case_id, and eval_set_result_id in LocalEvalSetsManager and LocalEvalSetResultsManager. By sanitizing path parameters, this prevents directory traversal attacks when the FastAPI endpoints attempt to read or modify evaluation JSON files on the local filesystem.

Author: shivan4030

src/google/adk/evaluation/local_eval_set_results_manager.py

@@ -16,6 +16,7 @@
 
 import logging
 import os
+import re
 
 from typing_extensions import override
 
@@ -67,6 +68,7 @@ def get_eval_set_result(
       self, app_name: str, eval_set_result_id: str
   ) -> EvalSetResult:
     """Returns an EvalSetResult identified by app_name and eval_set_result_id."""
+    self._validate_id("Eval Set Result ID", eval_set_result_id)
     # Load the eval set result file data.
     maybe_eval_result_file_path = (
         os.path.join(
@@ -97,4 +99,12 @@ def list_eval_set_results(self, app_name: str) -> list[str]:
     return eval_result_files
 
   def _get_eval_history_dir(self, app_name: str) -> str:
+    self._validate_id("App Name", app_name)
     return os.path.join(self._agents_dir, app_name, _ADK_EVAL_HISTORY_DIR)
+
+  def _validate_id(self, id_name: str, id_value: str):
+    pattern = r"^[a-zA-Z0-9_\-\.]+$"
+    if not bool(re.fullmatch(pattern, id_value)) or ".." in id_value:
+      raise ValueError(
+          f"Invalid {id_name}. {id_name} should have the `{pattern}` format and not contain `..`",
+      )

src/google/adk/evaluation/local_eval_sets_manager.py

@@ -201,7 +201,7 @@ def get_eval_set(self, app_name: str, eval_set_id: str) -> Optional[EvalSet]:
     try:
       eval_set_file_path = self._get_eval_set_file_path(app_name, eval_set_id)
       return load_eval_set_from_file(eval_set_file_path, eval_set_id)
-    except FileNotFoundError:
+    except (FileNotFoundError, ValueError):
       return None
 
   @override
@@ -211,8 +211,6 @@ def create_eval_set(self, app_name: str, eval_set_id: str) -> EvalSet:
     Raises:
       ValueError: If Eval Set ID is not valid or an eval set already exists.
     """
-    self._validate_id(id_name="Eval Set ID", id_value=eval_set_id)
-
     # Define the file path
     new_eval_set_path = self._get_eval_set_file_path(app_name, eval_set_id)
 
@@ -247,6 +245,7 @@ def list_eval_sets(self, app_name: str) -> list[str]:
     Raises:
       NotFoundError: If the eval directory for the app is not found.
     """
+    self._validate_id("App Name", app_name)
     eval_set_file_path = os.path.join(self._agents_dir, app_name)
     eval_sets = []
     try:
@@ -266,6 +265,7 @@ def get_eval_case(
       self, app_name: str, eval_set_id: str, eval_case_id: str
   ) -> Optional[EvalCase]:
     """Returns an EvalCase if found; otherwise, None."""
+    self._validate_id("Eval Case ID", eval_case_id)
     eval_set = self.get_eval_set(app_name, eval_set_id)
     if not eval_set:
       return None
@@ -310,17 +310,19 @@ def delete_eval_case(
     self._save_eval_set(app_name, eval_set_id, updated_eval_set)
 
   def _get_eval_set_file_path(self, app_name: str, eval_set_id: str) -> str:
+    self._validate_id("App Name", app_name)
+    self._validate_id("Eval Set ID", eval_set_id)
     return os.path.join(
         self._agents_dir,
         app_name,
         eval_set_id + _EVAL_SET_FILE_EXTENSION,
     )
 
   def _validate_id(self, id_name: str, id_value: str):
-    pattern = r"^[a-zA-Z0-9_]+$"
-    if not bool(re.fullmatch(pattern, id_value)):
+    pattern = r"^[a-zA-Z0-9_\-\.]+$"
+    if not bool(re.fullmatch(pattern, id_value)) or ".." in id_value:
       raise ValueError(
-          f"Invalid {id_name}. {id_name} should have the `{pattern}` format",
+          f"Invalid {id_name}. {id_name} should have the `{pattern}` format and not contain `..`",
       )
 
   def _write_eval_set_to_path(self, eval_set_path: str, eval_set: EvalSet):

tests/unittests/evaluation/test_local_eval_set_results_manager.py

@@ -174,3 +174,11 @@ def test_list_eval_set_results_empty(self):
     # No eval set results saved for the app
     results = self.manager.list_eval_set_results(self.app_name)
     assert results == []
+
+  def test_get_eval_history_dir_invalid_app_name(self):
+    with pytest.raises(ValueError, match="Invalid App Name"):
+      self.manager.list_eval_set_results("../invalid")
+
+  def test_get_eval_set_result_invalid_id(self):
+    with pytest.raises(ValueError, match="Invalid Eval Set Result ID"):
+      self.manager.get_eval_set_result(self.app_name, "../invalid_id")

tests/unittests/evaluation/test_local_eval_sets_manager.py

@@ -390,11 +390,20 @@ def test_local_eval_sets_manager_create_eval_set_invalid_id(
       self, local_eval_sets_manager
   ):
     app_name = "test_app"
-    eval_set_id = "invalid-id"
+    eval_set_id = "invalid/id"
 
     with pytest.raises(ValueError, match="Invalid Eval Set ID"):
       local_eval_sets_manager.create_eval_set(app_name, eval_set_id)
 
+  def test_local_eval_sets_manager_create_eval_set_invalid_app_name(
+      self, local_eval_sets_manager
+  ):
+    app_name = "../test_app"
+    eval_set_id = "test_eval_set"
+
+    with pytest.raises(ValueError, match="Invalid App Name"):
+      local_eval_sets_manager.create_eval_set(app_name, eval_set_id)
+
   def test_local_eval_sets_manager_create_eval_set_already_exists(
       self, local_eval_sets_manager, mocker
   ):