fix: sanitize filename with path separators in FileSchema.decode (#5533)

Anri-Lombard · Anri Lombard · pre-commit-ci[bot] · web-flow · commit ce6146dc1cf3 · 2026-01-09T09:49:20.000+08:00
* fix: sanitize filename with path separators in FileSchema.decode Fixes #5532 When users upload files with filenames containing path separators (e.g., "payslips/red/genuine/uuid.pdf"), the filename was passed directly to tempfile.NamedTemporaryFile() as a suffix, causing a FileNotFoundError because the temp file system tried to create nested directories that don't exist. This change uses os.path.basename() to extract only the filename from the path, preventing the error while preserving the file extension for proper handling. * ci: auto fixes from pre-commit.ci For more information, see https://pre-commit.ci --------- Co-authored-by: Anri Lombard <anri.m.lombard@sprinthive.com> Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
diff --git a/src/_bentoml_sdk/validators.py b/src/_bentoml_sdk/validators.py
@@ -155,8 +155,9 @@ def decode(self, obj: bytes | t.BinaryIO | UploadFile | PurePath | str) -> t.Any
                 raise ValueError(
                     f"Invalid content type {media_type}, expected {self.content_type}"
                 )
+        suffix = os.path.basename(filename) if filename else None
         with tempfile.NamedTemporaryFile(
-            suffix=filename, dir=request_temp_dir(), delete=False
+            suffix=suffix, dir=request_temp_dir(), delete=False
         ) as f:
             f.write(body)
             return Path(f.name)
diff --git a/tests/unit/_bentoml_sdk/__init__.py b/tests/unit/_bentoml_sdk/__init__.py
diff --git a/tests/unit/_bentoml_sdk/test_validators.py b/tests/unit/_bentoml_sdk/test_validators.py
@@ -0,0 +1,27 @@
+from __future__ import annotations
+
+import io
+from pathlib import Path
+from unittest.mock import patch
+
+from starlette.datastructures import UploadFile
+
+from _bentoml_sdk.validators import FileSchema
+
+
+def test_file_schema_decode_with_path_separator_in_filename(tmp_path: Path):
+    file_content = b"test content"
+    upload_file = UploadFile(
+        file=io.BytesIO(file_content),
+        filename="subdir/nested/document.pdf",
+    )
+
+    with patch(
+        "bentoml._internal.context.request_temp_dir", return_value=str(tmp_path)
+    ):
+        result = FileSchema().decode(upload_file)
+
+    assert isinstance(result, Path)
+    assert result.exists()
+    assert result.read_bytes() == file_content
+    assert result.suffix == ".pdf"
