Python script that randomizes various things in DK64. See the readme for current options that are available to be randomized as well as other features.
To fix the problem, we need to ensure that the constructed file path is securely validated before being used. This involves normalizing the path and ensuring it is contained within a safe root directory. We will use os.path.realpath to resolve the absolute path and then check that it starts with the intended directory.
1. Normalize the path using os.path.realpath to remove any ".." segments.
2. Check that the normalized path starts with the generated_seeds/ directory.
3. Update the code to use the validated path for file operations.
Suggested fixes powered by Copilot Autofix. Review carefully before merging.
Fixes https://github.com/2dos/DK64-Randomizer/security/code-scanning/41
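The containment check described in this pull request, as an added example that is not the project's code or the Autofix patch. It compares whole path components with os.path.commonpath rather than a bare string prefix, so a sibling directory whose name merely begins with generated_seeds is also rejected; the function name resolve_in_root, the sibling directory and the requested file names are constructed for illustration.

```python
import os
import tempfile

SEED_DIR_NAME = "generated_seeds"  # directory name taken from the PR text


def resolve_in_root(root: str, requested: str) -> str:
    """Return the real path of `requested` under `root`, or raise ValueError."""
    root_real = os.path.realpath(root)
    # realpath collapses ".." segments and follows symlinks before the check.
    candidate = os.path.realpath(os.path.join(root_real, requested))
    # commonpath compares whole path components, so a sibling directory such
    # as "generated_seeds_old" does not pass the way a bare string prefix
    # test without a trailing separator would.
    if os.path.commonpath([root_real, candidate]) != root_real:
        raise ValueError(f"path escapes {root_real!r}: {requested!r}")
    if candidate == root_real:
        raise ValueError("request names the root directory, not a file in it")
    return candidate


def demo() -> dict:
    """Run constructed requests against a throwaway directory tree."""
    results = {}
    with tempfile.TemporaryDirectory() as base:
        root = os.path.join(base, SEED_DIR_NAME)
        sibling = os.path.join(base, SEED_DIR_NAME + "_old")
        os.makedirs(root)
        os.makedirs(sibling)
        requests = [
            "abc123.json",  # ordinary file name
            "../" + SEED_DIR_NAME + "_old/x.json",  # sibling sharing the prefix
            "../../etc/passwd",  # ".." traversal out of the root
            "/etc/passwd",  # absolute path; os.path.join discards the root
            "sub/../abc123.json",  # ".." that stays inside the root
        ]
        for req in requests:
            try:
                resolve_in_root(root, req)
                results[req] = "allowed"
            except ValueError:
                results[req] = "rejected"
    return results


if __name__ == "__main__":
    for request, verdict in demo().items():
        print(f"{verdict:8} {request}")
```

File operations should then use the path returned by resolve_in_root, not the original request string.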