From 1337f98cad6289b47ee0139bfbc553659601a52b Mon Sep 17 00:00:00 2001 From: prezakhani <13303554+Pouyanpi@users.noreply.github.com> Date: Thu, 11 Jul 2024 12:03:50 +0200 Subject: [PATCH 1/3] fix(api): remove unnecessary path check in _get_rails --- nemoguardrails/server/api.py | 3 --- 1 file changed, 3 deletions(-) diff --git a/nemoguardrails/server/api.py b/nemoguardrails/server/api.py index 31f18f9f7..7d9ebc612 100644 --- a/nemoguardrails/server/api.py +++ b/nemoguardrails/server/api.py @@ -253,9 +253,6 @@ def _get_rails(config_ids: List[str]) -> LLMRails: base_path = os.path.abspath(app.rails_config_path) full_path = os.path.normpath(os.path.join(base_path, config_id)) - if not full_path.startswith(base_path + os.sep): - raise ValueError("Access to the specified path is not allowed.") - rails_config = RailsConfig.from_path(full_path) if not full_llm_rails_config: From 95e584834b75323d923a73d5ee9b5ae532ca69cd Mon Sep 17 00:00:00 2001 From: prezakhani <13303554+Pouyanpi@users.noreply.github.com> Date: Thu, 11 Jul 2024 12:04:23 +0200 Subject: [PATCH 2/3] feat(api): add path traversal prevention in _get_rails path traversal prevention --- nemoguardrails/server/api.py | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/nemoguardrails/server/api.py b/nemoguardrails/server/api.py index 7d9ebc612..22a764b3c 100644 --- a/nemoguardrails/server/api.py +++ b/nemoguardrails/server/api.py @@ -18,6 +18,7 @@ import json import logging import os.path +import re import time import warnings from typing import Any, List, Optional @@ -253,6 +254,13 @@ def _get_rails(config_ids: List[str]) -> LLMRails: base_path = os.path.abspath(app.rails_config_path) full_path = os.path.normpath(os.path.join(base_path, config_id)) + # @NOTE: (Rdinu) Reject config_ids that contain dangerous characters or sequences + if re.search(r"[\\/]|(\.\.)", config_id): + raise ValueError("Invalid config_id.") + + if os.path.commonprefix([full_path, base_path]) != base_path: + raise ValueError("Access to the specified path is not allowed.") + rails_config = RailsConfig.from_path(full_path) if not full_llm_rails_config: From a6703c20b3db5bb44cf1293a5840df87623da0a6 Mon Sep 17 00:00:00 2001 From: prezakhani <13303554+Pouyanpi@users.noreply.github.com> Date: Thu, 11 Jul 2024 12:04:58 +0200 Subject: [PATCH 3/3] fix(cli): expand user paths in server command --- nemoguardrails/cli/__init__.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nemoguardrails/cli/__init__.py b/nemoguardrails/cli/__init__.py index 671567a23..fdfd91451 100644 --- a/nemoguardrails/cli/__init__.py +++ b/nemoguardrails/cli/__init__.py @@ -138,7 +138,7 @@ def server( if config: # We make sure there is no trailing separator, as that might break things in # single config mode. - api.app.rails_config_path = config[0].rstrip(os.path.sep) + api.app.rails_config_path = os.path.expanduser(config[0].rstrip(os.path.sep)) else: # If we don't have a config, we try to see if there is a local config folder local_path = os.getcwd() @@ -189,6 +189,6 @@ def version_callback(value: bool): def cli( _: Optional[bool] = typer.Option( None, "-v", "--version", callback=version_callback, is_eager=True - ) + ), ): pass