Validate container path is absolute in VolumeMount::Parse (#40085)

* Validate container path is absolute in VolumeMount::Parse

Add validation that non-empty container paths must start with '/' since
they are Linux paths inside the container. This catches cases where
Windows drive letter colons (e.g. C:\path) get misinterpreted as the
host:container separator, producing invalid container paths like
'\hostPath' instead of '/containerPath'.

Previously, 'C:\hostPath:ro' would silently parse as host='C',
container='\hostPath', mode=ro ΓÇö now it throws a clear error.

Updated tests to reflect the new validation and moved previously
'valid' but semantically incorrect cases to the invalid test set.

* Also validate host path is absolute, add format hint to error, cover forward-slash cases

- Reject non-absolute host paths (catches C:/hostPath where host='C')
- Add 'Expected format:' hint to container path error message for consistency
- Add forward-slash drive letter cases to invalid test set
- Move '::' case to invalid (host=':' is not absolute)

* Remove host path is_absolute check to allow future named volumes

Per review feedback: named volumes (e.g. 'test_vol:/path') would fail
an is_absolute() check on the host path. Keep only the container path
validation (must start with '/') which doesn't conflict with named
volume identifiers.

---------

Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>

Author: benhillis

src/windows/wslc/services/ContainerModel.cpp

@@ -196,6 +196,13 @@ VolumeMount VolumeMount::Parse(const std::wstring& value)
             std::format(L"Invalid volume specifications: '{}'. Host path cannot be empty. Expected format: <host path>:<container path>[:mode]", value));
     }
 
+    if (!vm.m_containerPath.empty() && vm.m_containerPath[0] != '/')
+    {
+        THROW_HR_WITH_USER_ERROR(
+            E_INVALIDARG,
+            std::format(L"Invalid volume specifications: '{}'. Container path must be an absolute path (starting with '/'). Expected format: <host path>:<container path>[:mode]", value));
+    }
+
     return vm;
 }
 

test/windows/wslc/WSLCVolumeMountUnitTests.cpp

@@ -35,12 +35,9 @@ class WSLCVolumeMountUnitTests
             {LR"(C:\host Path:/container Path:rw)", LR"(C:\host Path)", R"(/container Path)", false},
             {LR"(C:\hostPath::ro)", LR"(C:\hostPath)", R"()", true},
             {LR"(C:\hostPath:)", LR"(C:\hostPath)", R"()", false},
-            {LR"(C:\hostPath:ro)", LR"(C)", R"(\hostPath)", true},
             {LR"(C:\hostPath::rw)", LR"(C:\hostPath)", R"()", false},
-            {LR"(C:\hostPath:/containerPath:invalid_mode)", LR"(C:\hostPath:/containerPath)", R"(invalid_mode)", false},
-            {LR"(C:\hostPath:/containerPath:ro:extra)", LR"(C:\hostPath:/containerPath:ro)", R"(extra)", false},
             {LR"(C:\hostPath:/containerPath:)", LR"(C:\hostPath:/containerPath)", R"()", false},
-            {LR"(C:\hostPath)", LR"(C)", R"(\hostPath)", false},
+            {LR"(C:/hostPath:ro)", LR"(C)", R"(/hostPath)", true},
             {LR"(C:/hostPath)", LR"(C)", R"(/hostPath)", false},
             {LR"(::)", LR"(:)", R"()", false},
         };
@@ -69,5 +66,23 @@ class WSLCVolumeMountUnitTests
             VERIFY_THROWS(VolumeMount::Parse(value), wil::ResultException);
         }
     }
+
+    TEST_METHOD(VolumeMount_Parse_InvalidContainerPath)
+    {
+        // Drive colon gets misinterpreted as the host:container separator,
+        // producing a non-absolute container path. Caught by container path validation.
+        std::vector<std::wstring> invalidPathCases = {
+            LR"(C:\hostPath:ro)",                          // host='C', container=\hostPath (not absolute)
+            LR"(C:\hostPath)",                             // host='C', container=\hostPath (not absolute)
+            LR"(C:\hostPath:/containerPath:invalid_mode)", // container=invalid_mode (not absolute)
+            LR"(C:\hostPath:/containerPath:ro:extra)",     // container=extra (not absolute)
+        };
+
+        for (const auto& value : invalidPathCases)
+        {
+            WEX::Logging::Log::Comment(std::format(L"Testing invalid path: '{}'", value).c_str());
+            VERIFY_THROWS(VolumeMount::Parse(value), wil::ResultException);
+        }
+    }
 };
 } // namespace WSLCVolumeMount

test/windows/wslc/e2e/WSLCE2EContainerCreateTests.cpp

@@ -290,7 +290,7 @@ class WSLCE2EContainerCreateTests
         {
             auto result =
                 RunWslc(std::format(L"container run --name {} --volume C:\\hostPath:ro {}", WslcContainerName, AlpineImage.NameAndTag()));
-            result.Verify({.Stderr = L"The parameter is incorrect. \r\nError code: E_INVALIDARG\r\n", .ExitCode = 1});
+            result.Verify({.Stderr = L"Invalid volume specifications: 'C:\\hostPath:ro'. Container path must be an absolute path (starting with '/'). Expected format: <host path>:<container path>[:mode]\r\nError code: E_INVALIDARG\r\n", .ExitCode = 1});
             EnsureContainerDoesNotExist(WslcContainerName);
         }
 
@@ -310,14 +310,14 @@ class WSLCE2EContainerCreateTests
         {
             auto result = RunWslc(std::format(
                 L"container run --name {} --volume C:\\hostPath:/containerPath:invalid_mode {}", WslcContainerName, AlpineImage.NameAndTag()));
-            result.Verify({.Stderr = L"Unspecified error \r\nError code: E_FAIL\r\n", .ExitCode = 1});
+            result.Verify({.Stderr = L"Invalid volume specifications: 'C:\\hostPath:/containerPath:invalid_mode'. Container path must be an absolute path (starting with '/'). Expected format: <host path>:<container path>[:mode]\r\nError code: E_INVALIDARG\r\n", .ExitCode = 1});
             EnsureContainerDoesNotExist(WslcContainerName);
         }
 
         {
             auto result = RunWslc(std::format(
                 L"container run --name {} --volume C:\\hostPath:/containerPath:ro:extra {}", WslcContainerName, AlpineImage.NameAndTag()));
-            result.Verify({.Stderr = L"Unspecified error \r\nError code: E_FAIL\r\n", .ExitCode = 1});
+            result.Verify({.Stderr = L"Invalid volume specifications: 'C:\\hostPath:/containerPath:ro:extra'. Container path must be an absolute path (starting with '/'). Expected format: <host path>:<container path>[:mode]\r\nError code: E_INVALIDARG\r\n", .ExitCode = 1});
             EnsureContainerDoesNotExist(WslcContainerName);
         }
 
@@ -339,7 +339,7 @@ class WSLCE2EContainerCreateTests
         {
             auto result = RunWslc(
                 std::format(L"container run --name {} --volume \"C:\\hostPath\" {}", WslcContainerName, AlpineImage.NameAndTag()));
-            result.Verify({.Stderr = L"The parameter is incorrect. \r\nError code: E_INVALIDARG\r\n", .ExitCode = 1});
+            result.Verify({.Stderr = L"Invalid volume specifications: 'C:\\hostPath'. Container path must be an absolute path (starting with '/'). Expected format: <host path>:<container path>[:mode]\r\nError code: E_INVALIDARG\r\n", .ExitCode = 1});
             EnsureContainerDoesNotExist(WslcContainerName);
         }