fix(core): skip directories when reading GEMINI.md files #15866
Conversation
Summary of ChangesHello @sontoriyama, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request resolves an issue in the Highlights
Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here. You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension. Footnotes
|
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request aims to prevent warnings when GEMINI.md memory discovery encounters a directory with a matching name by adding a check using lstat. However, a high-severity Path Traversal vulnerability has been identified due to the handling of symbolic links, which could allow an attacker to read arbitrary files. Additionally, the current implementation introduces a potential Time-of-check to time-of-use (TOCTOU) race condition; a more robust approach would be to handle the EISDIR error directly in the catch block.
| const stats = await fs.lstat(filePath); | ||
| if (stats.isDirectory()) { | ||
| // Skip directories silently - they're valid memory folders | ||
| if (debugMode) { | ||
| logger.debug( | ||
| `Skipping directory ${filePath} (expected file). Using parent directory for memory discovery instead.`, | ||
| ); | ||
| } | ||
| return { filePath, content: null }; | ||
| } | ||
|
|
||
| const content = await fs.readFile(filePath, 'utf-8'); |
There was a problem hiding this comment.
This code is vulnerable to a high-severity Path Traversal attack using symbolic links. The fs.lstat(filePath) check does not verify if the path is a symbolic link, allowing fs.readFile to follow malicious symlinks and potentially read arbitrary files. Furthermore, this pre-check introduces a Time-of-check to time-of-use (TOCTOU) race condition. To fix this, you must explicitly check for and reject symbolic links. For handling directories, a more robust approach would be to attempt readFile directly and handle the specific EISDIR error in the catch block.
const stats = await fs.lstat(filePath);
if (stats.isSymbolicLink()) {
if (debugMode) {
logger.debug(`Skipping symbolic link: ${filePath}`);
}
return { filePath, content: null };
}
if (stats.isDirectory()) {
// Skip directories silently - they're valid memory folders
if (debugMode) {
logger.debug(
`Skipping directory ${filePath} (expected file). Using parent directory for memory discovery instead.`
);
}
return { filePath, content: null };
}
const content = await fs.readFile(filePath, 'utf-8');
|
Thank you for the thorough review. I appreciate the feedback on both the test logic and the security concern. Regarding the path traversal warning: I understand your concern, but I believe this may be a false positive for the following reasons:
I'm happy to implement any changes the maintainers recommend for this. Thank you again for the detailed feedback! |
|
Updated to use EAFP pattern based on code review feedback. Changes:
Thanks for the feedback - this is definitely cleaner than the pre-check approach! |
sontoriyama
force-pushed
the
fix/gemini-md-directory-clean
branch
2 times, most recently
from
32c2fcf to
27fab85
Compare
When a GEMINI.md filename matches a directory (e.g., user has .gemini/gemini.md/ as a folder), the code attempted to read it as a file, causing unnecessary warnings. This change adds an lstat check before readFile to silently skip directories with a debug log message. Fixes #4760
- Remove unused validGeminiMdFile (GEMINI.md.md not discovered) - Update assertions to match actual behavior of loadServerHierarchicalMemory - Add clear comments explaining expected behavior
Replace lstat() pre-check with try/catch for EISDIR error based on code review feedback. This approach: - Handles symlinks correctly (fs.stat follows links, lstat does not) - Avoids TOCTOU race conditions - More efficient (no double syscall) - More idiomatic Node.js pattern (EAFP) Fixes #4760 Ref: #15866 (comment)
sontoriyama
force-pushed
the
fix/gemini-md-directory-clean
branch
from
27fab85 to
4dc4add
Compare
On non-Debian/Ubuntu Linux distributions, the Antigravity IDE binary is installed as 'antigravity' instead of 'agy'. This commit adds 'antigravity' as a fallback in the editorCommands mapping to enable proper detection on these distributions. Fixes #15553
When a GEMINI.md filename matches a directory (e.g., user has .gemini/gemini.md/ as a folder), the code attempted to read it as a file, causing unnecessary warnings. This change adds an lstat check before readFile to silently skip directories with a debug log message. Fixes #4760
…ent path traversal
gemini-cli
bot
added
the
status/need-issue
|
Thanks for the PR! Can you please create an Issue and link the PR to it? |
|
Thanks for the PR! Can you please fix the failing tests? |
…orm compatibility
|
Closes #16282 |
gemini-cli
bot
added
area/core
2 participants
Refactored to use EAFP pattern (catch EISDIR instead of lstat pre-check). Fixes symlink handling and avoids race conditions. Based on suggestions when testing with gemini-code-assist. Closes #16282