mirror of
https://github.com/google-gemini/gemini-cli
synced 2026-04-21 13:37:17 +00:00
fix(policy): guard copyFile paths against symlink attacks
This commit is contained in:
parent
de704ee200
commit
d4c824bbb6
1 changed files with 15 additions and 3 deletions
|
|
@ -714,9 +714,15 @@ export function createPolicyUpdater(
|
|||
'warning',
|
||||
`Syntax error found in policy file. Backing up corrupted file to ${policyFile}.bak and starting fresh.`,
|
||||
);
|
||||
await fs
|
||||
.copyFile(policyFile, `${policyFile}.bak`)
|
||||
.catch(() => {});
|
||||
if (
|
||||
!(
|
||||
await fs.lstat(policyFile).catch(() => null)
|
||||
)?.isSymbolicLink()
|
||||
) {
|
||||
await fs
|
||||
.copyFile(policyFile, `${policyFile}.bak`)
|
||||
.catch(() => {});
|
||||
}
|
||||
existingData = {};
|
||||
} else {
|
||||
// Real filesystem error (e.g. EACCES) — throw to prevent silent failure
|
||||
|
|
@ -787,6 +793,12 @@ export function createPolicyUpdater(
|
|||
isNodeError(renameError) &&
|
||||
(renameError.code === 'EXDEV' || renameError.code === 'EBUSY')
|
||||
) {
|
||||
if (
|
||||
(
|
||||
await fs.lstat(policyFile).catch(() => null)
|
||||
)?.isSymbolicLink()
|
||||
)
|
||||
throw renameError;
|
||||
await fs.copyFile(tmpFile, policyFile);
|
||||
await fs.unlink(tmpFile).catch(() => {});
|
||||
} else {
|
||||
|
|
|
|||
Loading…
Reference in a new issue