smallcloudai / refact

WebUI for Fine-Tuning and Self-hosting of Open-Source Large Language Models for Coding
https://refact.ai
BSD 3-Clause "New" or "Revised" License

Fix file leakage vulnerability #399

Closed 596192804 closed 2 months ago

596192804 commented 2 months ago

Currently, there is a file leakage vulnerability on the server. For instance, when I access http://127.0.0.1:8008//etc/passwd, I can view the contents of the /etc/passwd file. The root cause lies in the execution of os.path.join(path1, path2), where if path2 is an absolute path, path1 will be ignored.
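Worked illustration of the join behaviour described above, together with a containment check of the kind a fix needs. This is an added example, not code from the refact project; the `STATIC_ROOT` value and all function names are hypothetical.

```python
import os
from pathlib import Path
from typing import Optional

# Hypothetical document root used only for this illustration.
STATIC_ROOT = "/srv/static"


def naive_join(base: str, user_path: str) -> str:
    """The pattern from the issue: os.path.join drops `base` entirely
    whenever `user_path` is absolute."""
    return os.path.join(base, user_path)


def naive_pathlib_join(base: str, user_path: str) -> str:
    """pathlib's `/` operator has the same rule for an absolute right operand,
    so switching to pathlib alone does not close the hole."""
    return str(Path(base) / user_path)


def safe_join(base: str, user_path: str) -> Optional[str]:
    """Resolve `user_path` relative to `base` and refuse anything outside it.

    Returns the resolved filesystem path, or None when the request escapes.
    - Leading slashes are stripped so the request is always treated as relative.
    - realpath() collapses '..' segments and follows symlinks, so the check runs
      on the path that would actually be opened.
    - commonpath() is the containment test; a plain startswith() would wrongly
      accept '/srv/static_old/x' for a base of '/srv/static'.
    """
    real_base = os.path.realpath(base)
    relative = user_path.lstrip("/")
    candidate = os.path.realpath(os.path.join(real_base, relative))
    if os.path.commonpath([real_base, candidate]) != real_base:
        return None
    return candidate


if __name__ == "__main__":
    for requested in ("css/app.css", "/etc/passwd", "../../etc/passwd"):
        print(f"{requested!r:22} naive={naive_join(STATIC_ROOT, requested)!r:22} "
              f"safe={safe_join(STATIC_ROOT, requested)!r}")
```

With `safe_join`, an absolute request is served from inside the root (or 404s there) and a `..` traversal is rejected outright, while the two naive variants hand back `/etc/passwd` unchanged.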

mitya52 commented 2 months ago

@596192804 thanks for sharing! Is there a way to solve the issue with pathlib?

596192804 commented 2 months ago

I just tested it and found that pathlib also has similar rules.

olegklimov commented 2 months ago

ahaha, amazing, so easy!

olegklimov commented 2 months ago

We need to fix this asap

mitya52 commented 2 months ago

@596192804 fixed in #402. And again thanks for posting this issue!