fix: validate reviewAgentLogPath to prevent path injection

cursoragent · msukkari · cursoragent · commit 61affd7498dc · 2026-04-18T01:57:15.000Z
Add path validation to invokeDiffReviewLlm to ensure the log path stays within the expected DATA_CACHE_DIR/review-agent directory. This addresses CodeQL alert #19 (js/path-injection) by resolving the path and verifying it does not escape the log directory. The validation is performed before each fs.appendFileSync call to prevent path traversal attacks even if the call chain changes in the future. Co-authored-by: Michael Sukkarieh <msukkari@users.noreply.github.com>
diff --git a/packages/web/src/features/agents/review-agent/nodes/invokeDiffReviewLlm.ts b/packages/web/src/features/agents/review-agent/nodes/invokeDiffReviewLlm.ts
@@ -2,10 +2,20 @@ import OpenAI from "openai";
 import { sourcebot_file_diff_review, sourcebot_file_diff_review_schema } from "@/features/agents/review-agent/types";
 import { env } from "@sourcebot/shared";
 import fs from "fs";
+import path from "path";
 import { createLogger } from "@sourcebot/shared";
 
 const logger = createLogger('invoke-diff-review-llm');
 
+const REVIEW_AGENT_LOG_BASE = path.join(env.DATA_CACHE_DIR, 'review-agent');
+
+const validateLogPath = (logPath: string): void => {
+    const resolved = path.resolve(logPath);
+    if (!resolved.startsWith(REVIEW_AGENT_LOG_BASE + path.sep)) {
+        throw new Error('reviewAgentLogPath escapes log directory');
+    }
+};
+
 export const invokeDiffReviewLlm = async (reviewAgentLogPath: string | undefined, prompt: string): Promise<sourcebot_file_diff_review> => {
     logger.debug("Executing invoke_diff_review_llm");
     
@@ -19,6 +29,7 @@ export const invokeDiffReviewLlm = async (reviewAgentLogPath: string | undefined
     });
 
     if (reviewAgentLogPath) {
+        validateLogPath(reviewAgentLogPath);
         fs.appendFileSync(reviewAgentLogPath, `\n\nPrompt:\n${prompt}`);
     }
 
@@ -32,6 +43,7 @@ export const invokeDiffReviewLlm = async (reviewAgentLogPath: string | undefined
     
         const openaiResponse = completion.choices[0].message.content;
         if (reviewAgentLogPath) {
+            validateLogPath(reviewAgentLogPath);
             fs.appendFileSync(reviewAgentLogPath, `\n\nResponse:\n${openaiResponse}`);
         }
         
