From 62634b353c61f778d0458ce1e105d56f3d469806 Mon Sep 17 00:00:00 2001
From: Filip Christiansen <22807962+filipchristiansen@users.noreply.github.com>
Date: Tue, 15 Jul 2025 23:37:59 +0200
Subject: [PATCH 1/3] Potential fix for code scanning alert no. 75:
 Uncontrolled data used in path expression

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 src/server/routers/ingest.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/server/routers/ingest.py b/src/server/routers/ingest.py
index 514db272..58cf8472 100644
--- a/src/server/routers/ingest.py
+++ b/src/server/routers/ingest.py
@@ -112,7 +112,11 @@ async def download_ingest(ingest_id: str) -> FileResponse:
     - **HTTPException**: **403** - the process lacks permission to read the directory or file
 
     """
+    # Normalize and validate the directory path
     directory = TMP_BASE_PATH / ingest_id
+    directory = directory.resolve()
+    if not str(directory).startswith(str(TMP_BASE_PATH)):
+        raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail=f"Invalid ingest ID: {ingest_id!r}")
 
     if not directory.is_dir():
         raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail=f"Digest {ingest_id!r} not found")

From 5090e027facc1d9a42d848941e047e0f1eef3316 Mon Sep 17 00:00:00 2001
From: Filip Christiansen <22807962+filipchristiansen@users.noreply.github.com>
Date: Wed, 16 Jul 2025 00:03:09 +0200
Subject: [PATCH 2/3] Update src/server/routers/ingest.py

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
---
 src/server/routers/ingest.py | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/src/server/routers/ingest.py b/src/server/routers/ingest.py
index 58cf8472..501e4ac0 100644
--- a/src/server/routers/ingest.py
+++ b/src/server/routers/ingest.py
@@ -113,8 +113,7 @@ async def download_ingest(ingest_id: str) -> FileResponse:
 
     """
     # Normalize and validate the directory path
-    directory = TMP_BASE_PATH / ingest_id
-    directory = directory.resolve()
+    directory = (TMP_BASE_PATH / ingest_id).resolve()
     if not str(directory).startswith(str(TMP_BASE_PATH)):
         raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail=f"Invalid ingest ID: {ingest_id!r}")
 

From 0fed34af3f659d5679333d36d4a2e83775f51fa9 Mon Sep 17 00:00:00 2001
From: Filip Christiansen <22807962+filipchristiansen@users.noreply.github.com>
Date: Wed, 16 Jul 2025 00:03:34 +0200
Subject: [PATCH 3/3] Update src/server/routers/ingest.py

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
---
 src/server/routers/ingest.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/server/routers/ingest.py b/src/server/routers/ingest.py
index 501e4ac0..521b7de0 100644
--- a/src/server/routers/ingest.py
+++ b/src/server/routers/ingest.py
@@ -114,7 +114,7 @@ async def download_ingest(ingest_id: str) -> FileResponse:
     """
     # Normalize and validate the directory path
     directory = (TMP_BASE_PATH / ingest_id).resolve()
-    if not str(directory).startswith(str(TMP_BASE_PATH)):
+    if not str(directory).startswith(str(TMP_BASE_PATH.resolve())):
         raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail=f"Invalid ingest ID: {ingest_id!r}")
 
     if not directory.is_dir():