mirrors/hermes-agent
1
0
Fork 0
mirror of https://github.com/NousResearch/hermes-agent.git synced 2026-06-24 10:52:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

fix(V-009): reject Windows drive-letter paths in session field validation

Browse source 
Extends the CWE-22 path traversal guard to cover Windows absolute paths
of the form C:/... and D:\... — previously only leading / and \ were
checked, which missed drive-letter prefixes. Replaces the inline
startswith check with a compiled module-level regex (_TRAVERSAL_RE) that
covers all three attack patterns: .., leading /\, and leading X: drives.
Adds two regression tests for C:/windows/system32 and D:\\path\\to\\file.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
OrbisAI Security 2026-06-05 13:40:50 +05:30 committed by Teknium
parent 3a6a43cb81
commit aa2aac68b0
2 changed files with 17 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

10
tests/gateway/test_session.py
View file

@ -1085,6 +1085,16 @@ class TestSessionEntryFromDictTraversalValidation:
with pytest.raises(ValueError, match="session_id"):
SessionEntry.from_dict(self._entry(session_id="\\windows\\system32\\config"))
def test_session_id_windows_drive_letter_raises(self):
from gateway.session import SessionEntry
with pytest.raises(ValueError, match="session_id"):
SessionEntry.from_dict(self._entry(session_id="C:/windows/system32"))
def test_session_id_windows_drive_backslash_raises(self):
from gateway.session import SessionEntry
with pytest.raises(ValueError, match="session_id"):
SessionEntry.from_dict(self._entry(session_id="D:\\path\\to\\file"))
class TestEnsureLoadedSkipsInvalidEntries:
"""Regression: one bad sessions.json entry must not block valid entries from loading."""