fix(FileSystemStorage): use case-insensitive comparison to test unsafe path

poirierlouis · poirierlouis · commit 7b464ea2f76d · 2026-01-04T17:37:49.000+01:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,6 +5,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
+### Fixed
+- use case-insensitive comparison to detect unsafe paths. Prevent issues when
+  Vortex is used.
+
 ### Added
 - debug-level logs to diagnosis issues at runtime.
 
diff --git a/src/FileSystemStorage.cpp b/src/FileSystemStorage.cpp
@@ -159,30 +159,32 @@ Red::DynArray<Red::Handle<AsyncFile>> FileSystemStorage::get_async_files() {
 
 std::filesystem::path FileSystemStorage::restrict_path(
   const std::string& p_path, std::error_code& p_error) const {
-  std::filesystem::path path = storage_path / p_path;
+  std::filesystem::path file_path = storage_path / p_path;
 
   // NOTE: See issue regarding usage of `std::weakly_canonical` with MO2:
   //       https://github.com/ModOrganizer2/modorganizer/issues/2039
   if (FileSystem::is_mo2_detected()) {
     if (p_path.find('/') != std::string::npos ||
         p_path.find('\\') != std::string::npos) {
+      FileSystem::debug("Unsafe path detected: \"{}\"", file_path.string().c_str());
       p_error = std::make_error_code(std::errc::permission_denied);
     }
-    return path;
+    return file_path;
   }
 
-  const std::filesystem::path real_path = std::filesystem::weakly_canonical(path, p_error);
+  const std::filesystem::path absolute_path = std::filesystem::weakly_canonical(file_path, p_error);
   if (p_error) {
     FileSystem::debug("Failed to get canonical path for \"{}\": {}", p_path.c_str(), p_error.message().c_str());
-    return real_path;
+    return absolute_path;
   }
 
-  if (real_path.string().find(storage_path.string() + "\\") != 0) {
-    FileSystem::debug("Accessing: \"{}\"", p_path.c_str());
-    FileSystem::debug("Resolving: \"{}\"", real_path.string().c_str());
+  const auto path = to_lower(absolute_path.string());
+  const auto root_path = to_lower(storage_path.string());
+  if (path.find(root_path + "\\") != 0 && path.find(root_path + '/') != 0) {
+    FileSystem::debug("Unsafe path detected: \"{}\"", absolute_path.string().c_str());
     p_error = std::make_error_code(std::errc::permission_denied);
   }
-  return real_path;
+  return absolute_path;
 }
 
 SharedMutex FileSystemStorage::get_mutex(const std::filesystem::path& p_path) {
diff --git a/src/Utils.h b/src/Utils.h
@@ -9,8 +9,17 @@ namespace RedFS {
 
 using SharedMutex = std::shared_ptr<std::mutex>;
 
-static bool equals_insensitive(const std::string& p_a, const std::string& p_b) {
-  return std::ranges::equal(p_a, p_b, [](char a, char b) -> bool {
+inline std::string to_lower(const std::string& p_str) {
+  std::string str = p_str;
+  std::ranges::transform(str, str.begin(),
+                         [](const int c) {
+                           return std::tolower(c);
+                         });
+  return str;
+}
+
+inline bool equals_insensitive(const std::string& p_a, const std::string& p_b) {
+  return std::ranges::equal(p_a, p_b, [](const int a, const int b) -> bool {
     return std::tolower(a) == std::tolower(b);
   });
 }
