Session file security updates (aaif-goose#3071)

Author: zanesq

crates/goose-cli/src/commands/session.rs

@@ -175,7 +175,12 @@ pub fn handle_session_list(verbose: bool, format: String, ascending: bool) -> Re
 /// without creating an Agent or prompting about working directories.
 pub fn handle_session_export(identifier: Identifier, output_path: Option<PathBuf>) -> Result<()> {
     // Get the session file path
-    let session_file_path = goose::session::get_path(identifier.clone());
+    let session_file_path = match goose::session::get_path(identifier.clone()) {
+        Ok(path) => path,
+        Err(e) => {
+            return Err(anyhow::anyhow!("Invalid session identifier: {}", e));
+        }
+    };
 
     if !session_file_path.exists() {
         return Err(anyhow::anyhow!(

crates/goose-cli/src/commands/web.rs

@@ -250,7 +250,14 @@ async fn list_sessions() -> Json<serde_json::Value> {
 async fn get_session(
     axum::extract::Path(session_id): axum::extract::Path<String>,
 ) -> Json<serde_json::Value> {
-    let session_file = session::get_path(session::Identifier::Name(session_id));
+    let session_file = match session::get_path(session::Identifier::Name(session_id)) {
+        Ok(path) => path,
+        Err(e) => {
+            return Json(serde_json::json!({
+                "error": format!("Invalid session ID: {}", e)
+            }));
+        }
+    };
 
     match session::read_messages(&session_file) {
         Ok(messages) => {
@@ -288,8 +295,15 @@ async fn handle_socket(socket: WebSocket, state: AppState) {
                             ..
                         }) => {
                             // Get session file path from session_id
-                            let session_file =
-                                session::get_path(session::Identifier::Name(session_id.clone()));
+                            let session_file = match session::get_path(session::Identifier::Name(
+                                session_id.clone(),
+                            )) {
+                                Ok(path) => path,
+                                Err(e) => {
+                                    tracing::error!("Failed to get session path: {}", e);
+                                    continue;
+                                }
+                            };
 
                             // Get or create session in memory (for fast access during processing)
                             let session_messages = {

crates/goose-cli/src/session/builder.rs

@@ -234,7 +234,13 @@ pub async fn build_session(session_config: SessionBuilderConfig) -> Session {
         }
     } else if session_config.resume {
         if let Some(identifier) = session_config.identifier {
-            let session_file = session::get_path(identifier);
+            let session_file = match session::get_path(identifier) {
+                Ok(path) => path,
+                Err(e) => {
+                    output::render_error(&format!("Invalid session identifier: {}", e));
+                    process::exit(1);
+                }
+            };
             if !session_file.exists() {
                 output::render_error(&format!(
                     "Cannot resume session {} - no such session exists",
@@ -262,7 +268,13 @@ pub async fn build_session(session_config: SessionBuilderConfig) -> Session {
         };
 
         // Just get the path - file will be created when needed
-        session::get_path(id)
+        match session::get_path(id) {
+            Ok(path) => path,
+            Err(e) => {
+                output::render_error(&format!("Failed to create session path: {}", e));
+                process::exit(1);
+            }
+        }
     };
 
     if session_config.resume && !session_config.no_session {

crates/goose-server/src/routes/reply.rs

@@ -210,7 +210,20 @@ async fn handler(
         };
 
         let mut all_messages = messages.clone();
-        let session_path = session::get_path(session::Identifier::Name(session_id.clone()));
+        let session_path = match session::get_path(session::Identifier::Name(session_id.clone())) {
+            Ok(path) => path,
+            Err(e) => {
+                tracing::error!("Failed to get session path: {}", e);
+                let _ = stream_event(
+                    MessageEvent::Error {
+                        error: format!("Failed to get session path: {}", e),
+                    },
+                    &tx,
+                )
+                .await;
+                return;
+            }
+        };
 
         loop {
             tokio::select! {
@@ -390,13 +403,21 @@ async fn ask_handler(
         all_messages.push(response_message);
     }
 
-    let session_path = session::get_path(session::Identifier::Name(session_id.clone()));
+    let session_path = match session::get_path(session::Identifier::Name(session_id.clone())) {
+        Ok(path) => path,
+        Err(e) => {
+            tracing::error!("Failed to get session path: {}", e);
+            return Err(StatusCode::INTERNAL_SERVER_ERROR);
+        }
+    };
 
-    let session_path = session_path.clone();
+    let session_path_clone = session_path.clone();
     let messages = all_messages.clone();
     let provider = Arc::clone(provider.as_ref().unwrap());
     tokio::spawn(async move {
-        if let Err(e) = session::persist_messages(&session_path, &messages, Some(provider)).await {
+        if let Err(e) =
+            session::persist_messages(&session_path_clone, &messages, Some(provider)).await
+        {
             tracing::error!("Failed to store session history: {:?}", e);
         }
     });

crates/goose-server/src/routes/session.rs

@@ -84,7 +84,10 @@ async fn get_session_history(
 ) -> Result<Json<SessionHistoryResponse>, StatusCode> {
     verify_secret_key(&headers, &state)?;
 
-    let session_path = session::get_path(session::Identifier::Name(session_id.clone()));
+    let session_path = match session::get_path(session::Identifier::Name(session_id.clone())) {
+        Ok(path) => path,
+        Err(_) => return Err(StatusCode::BAD_REQUEST),
+    };
 
     // Read metadata
     let metadata = session::read_metadata(&session_path).map_err(|_| StatusCode::NOT_FOUND)?;

crates/goose/src/agents/reply_parts.rs

@@ -222,7 +222,12 @@ impl Agent {
         usage: &crate::providers::base::ProviderUsage,
         messages_length: usize,
     ) -> Result<()> {
-        let session_file_path = session::storage::get_path(session_config.id.clone());
+        let session_file_path = match session::storage::get_path(session_config.id.clone()) {
+            Ok(path) => path,
+            Err(e) => {
+                return Err(anyhow::anyhow!("Failed to get session file path: {}", e));
+            }
+        };
         let mut metadata = session::storage::read_metadata(&session_file_path)?;
 
         metadata.schedule_id = session_config.schedule_id.clone();

crates/goose/src/agents/schedule_tool.rs

@@ -372,9 +372,17 @@ impl Agent {
             })?;
 
         // Get the session file path
-        let session_path = crate::session::storage::get_path(
+        let session_path = match crate::session::storage::get_path(
             crate::session::storage::Identifier::Name(session_id.to_string()),
-        );
+        ) {
+            Ok(path) => path,
+            Err(e) => {
+                return Err(ToolError::ExecutionError(format!(
+                    "Invalid session ID '{}': {}",
+                    session_id, e
+                )));
+            }
+        };
 
         // Check if session file exists
         if !session_path.exists() {

crates/goose/src/scheduler.rs

@@ -1138,9 +1138,17 @@ async fn run_scheduled_job_internal(
         }
     }
 
-    let session_file_path = crate::session::storage::get_path(
+    let session_file_path = match crate::session::storage::get_path(
         crate::session::storage::Identifier::Name(session_id_for_return.clone()),
-    );
+    ) {
+        Ok(path) => path,
+        Err(e) => {
+            return Err(JobExecutionError {
+                job_id: job.id.clone(),
+                error: format!("Failed to get session file path: {}", e),
+            });
+        }
+    };
 
     if let Some(prompt_text) = recipe.prompt {
         let mut all_session_messages: Vec<Message> =