From b37bfc0162a5d97a3da687568e1ba39060f394bc Mon Sep 17 00:00:00 2001
From: anoracleofra-code
Date: Sat, 14 Mar 2026 14:48:47 -0600
Subject: [PATCH] fix: add path traversal guard to updater extraction

Validates that every destination path stays within project_root before writing. Prevents a malicious zip from writing outside the project directory via ../traversal entries.

Co-Authored-By: Claude Opus 4.6
Former-commit-id: 3140416e80b1b56e4e6cccc930d11c2d5f9b1611
---
 backend/services/updater.py | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/backend/services/updater.py b/backend/services/updater.py
index c6e8096..ea2af79 100644
--- a/backend/services/updater.py
+++ b/backend/services/updater.py
@@ -171,7 +171,12 @@ def _extract_and_copy(zip_path: str, project_root: str, temp_dir: str) -> int:
 skipped += 1
 continue
- dst = os.path.join(project_root, rel)
+ dst = os.path.abspath(os.path.join(project_root, rel))
+ # Safety: never write outside the project root (zip path traversal)
+ if not dst.startswith(os.path.abspath(project_root)):
+ logger.warning(f"Safety skip (path traversal): {rel}")
+ skipped += 1
+ continue
 try:
 os.makedirs(os.path.dirname(dst), exist_ok=True)
 shutil.copy2(src, dst)
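Review bot: The new containment test `dst.startswith(os.path.abspath(project_root))` compares strings rather than path components, so a destination in a sibling directory whose name merely begins with the root's name (constructed example: root `/srv/app`, destination `/srv/app-old/x`) still passes the guard. Anchor the prefix on a separator: compute `root = os.path.abspath(project_root)` once before the loop and test `if not dst.startswith(root + os.sep):`. `os.path.abspath` only normalises `..` and does not resolve symlinks, so if the project tree can contain a link pointing outside the root, `os.path.realpath` on both sides would be the stricter check; whether that applies depends on code outside this hunk. The loop header and the step that unpacks the archive into `temp_dir` are not visible here, so it is worth confirming that the unpacking step is guarded in the same way.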