fix: prevent Path Traversal vulnerability in upload endpoint

- Add sanitize_filename() function to validate and clean uploaded filenames - Remove path separators, traversal sequences, and control characters - Verify final paths stay within input directory using Path.resolve() - Return HTTP 400 errors for unsafe filenames - Prevents directory traversal attacks like ../../../etc/passwd
2025-06-27 02:33:05 +08:00 · 2025-06-27 02:33:05 +08:00 · 60777d535b
commit 60777d535b
parent 44daf51501
1 changed files with 50 additions and 4 deletions
--- a/lightrag/api/routers/document_routes.py
+++ b/lightrag/api/routers/document_routes.py
@ -62,6 +62,49 @@ router = APIRouter(
 temp_prefix = "__tmp__"


+def sanitize_filename(filename: str, input_dir: Path) -> str:
+    """
+    Sanitize uploaded filename to prevent Path Traversal attacks.
+    
+    Args:
+        filename: The original filename from the upload
+        input_dir: The target input directory
+        
+    Returns:
+        str: Sanitized filename that is safe to use
+        
+    Raises:
+        HTTPException: If the filename is unsafe or invalid
+    """
+    # Basic validation
+    if not filename or not filename.strip():
+        raise HTTPException(status_code=400, detail="Filename cannot be empty")
+    
+    # Remove path separators and traversal sequences
+    clean_name = filename.replace('/', '').replace('\\', '')
+    clean_name = clean_name.replace('..', '')
+    
+    # Remove control characters and null bytes
+    clean_name = ''.join(c for c in clean_name if ord(c) >= 32 and c != '\x7f')
+    
+    # Remove leading/trailing whitespace and dots
+    clean_name = clean_name.strip().strip('.')
+    
+    # Check if anything is left after sanitization
+    if not clean_name:
+        raise HTTPException(status_code=400, detail="Invalid filename after sanitization")
+    
+    # Verify the final path stays within the input directory
+    try:
+        final_path = (input_dir / clean_name).resolve()
+        if not final_path.is_relative_to(input_dir.resolve()):
+            raise HTTPException(status_code=400, detail="Unsafe filename detected")
+    except (OSError, ValueError):
+        raise HTTPException(status_code=400, detail="Invalid filename")
+    
+    return clean_name
+
+
 class ScanResponse(BaseModel):
    """Response model for document scanning operation

@ -986,18 +1029,21 @@ def create_document_routes(
            HTTPException: If the file type is not supported (400) or other errors occur (500).
        """
        try:
-            if not doc_manager.is_supported_file(file.filename):
+            # Sanitize filename to prevent Path Traversal attacks
+            safe_filename = sanitize_filename(file.filename, doc_manager.input_dir)
+            
+            if not doc_manager.is_supported_file(safe_filename):
                raise HTTPException(
                    status_code=400,
                    detail=f"Unsupported file type. Supported types: {doc_manager.supported_extensions}",
                )

-            file_path = doc_manager.input_dir / file.filename
+            file_path = doc_manager.input_dir / safe_filename
            # Check if file already exists
            if file_path.exists():
                return InsertResponse(
                    status="duplicated",
-                    message=f"File '{file.filename}' already exists in the input directory.",
+                    message=f"File '{safe_filename}' already exists in the input directory.",
                )

            with open(file_path, "wb") as buffer:
@ -1008,7 +1054,7 @@ def create_document_routes(

            return InsertResponse(
                status="success",
-                message=f"File '{file.filename}' uploaded successfully. Processing will continue in background.",
+                message=f"File '{safe_filename}' uploaded successfully. Processing will continue in background.",
            )
        except Exception as e:
            logger.error(f"Error /documents/upload: {file.filename}: {str(e)}")