fix(postgres): handle log-dir root path safely in log file resolver

Vonng · Vonng · commit 0615919ab074 · 2026-02-14T07:43:45.000+08:00
diff --git a/cli/postgres/log.go b/cli/postgres/log.go
@@ -32,7 +32,8 @@ func resolveRequestedLogFile(logDir string, file string) (string, error) {
 
 	cleanDir := filepath.Clean(logDir)
 	logPath := filepath.Clean(filepath.Join(cleanDir, file))
-	if !strings.HasPrefix(logPath, cleanDir+string(filepath.Separator)) {
+	rel, err := filepath.Rel(cleanDir, logPath)
+	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
 		return "", fmt.Errorf("invalid log file path")
 	}
 	return logPath, nil
diff --git a/cli/postgres/log_security_test.go b/cli/postgres/log_security_test.go
@@ -13,6 +13,16 @@ func TestResolveRequestedLogFileValid(t *testing.T) {
 	}
 }
 
+func TestResolveRequestedLogFileValidRootDir(t *testing.T) {
+	got, err := resolveRequestedLogFile("/", "passwd")
+	if err != nil {
+		t.Fatalf("resolveRequestedLogFile returned error: %v", err)
+	}
+	if got != "/passwd" {
+		t.Fatalf("resolveRequestedLogFile returned %q, want %q", got, "/passwd")
+	}
+}
+
 func TestResolveRequestedLogFileRejectsTraversal(t *testing.T) {
 	tests := []string{
 		"../../../etc/hosts",

Original file line number	Diff line number	Diff line change
`@@ -32,7 +32,8 @@ func resolveRequestedLogFile(logDir string, file string) (string, error) {`
`32`	`32`
`33`	`33`	`cleanDir := filepath.Clean(logDir)`
`34`	`34`	`logPath := filepath.Clean(filepath.Join(cleanDir, file))`
`35`		`- if !strings.HasPrefix(logPath, cleanDir+string(filepath.Separator)) {`
	`35`	`+ rel, err := filepath.Rel(cleanDir, logPath)`
	`36`	`+ if err != nil \|\| rel == ".." \|\| strings.HasPrefix(rel, ".."+string(filepath.Separator)) {`
`36`	`37`	`return "", fmt.Errorf("invalid log file path")`
`37`	`38`	`}`
`38`	`39`	`return logPath, nil`