mirror of
https://github.com/openclaw/openclaw.git
synced 2026-02-09 05:19:32 +08:00
fix: harden WhatsApp accountId auth dir (#4610) (thanks @leszekszpunar)
This commit is contained in:
Peter Steinberger
@@ -15,6 +15,7 @@ Docs: https://docs.openclaw.ai
|
||||
|
||||
### Fixes
|
||||
|
||||
- Web: sanitize WhatsApp accountId auth directories and preserve legacy casing. (#4610) Thanks @leszekszpunar.
|
||||
- Auto-reply: avoid referencing workspace files in /new greeting prompt. (#5706) Thanks @bravostation.
|
||||
- Process: resolve Windows `spawn()` failures for npm-family CLIs by appending `.cmd` when needed. (#5815) Thanks @thejhinvirtuoso.
|
||||
- Discord: resolve PluralKit proxied senders for allowlists and labels. (#5838) Thanks @thewilloftheshadow.
|
||||
|
||||
@@ -1,20 +1,40 @@
|
||||
import fs from "node:fs";
|
||||
import os from "node:os";
|
||||
import path from "node:path";
|
||||
import { describe, expect, it } from "vitest";
|
||||
import { afterEach, beforeEach, describe, expect, it } from "vitest";
|
||||
import { resolveWhatsAppAuthDir } from "./accounts.js";
|
||||
|
||||
describe("resolveWhatsAppAuthDir", () => {
|
||||
const stubCfg = { channels: { whatsapp: { accounts: {} } } } as Parameters<
|
||||
typeof resolveWhatsAppAuthDir
|
||||
>[0]["cfg"];
|
||||
let prevOauthDir: string | undefined;
|
||||
let tempOauthDir: string;
|
||||
|
||||
beforeEach(() => {
|
||||
prevOauthDir = process.env.OPENCLAW_OAUTH_DIR;
|
||||
tempOauthDir = fs.mkdtempSync(path.join(os.tmpdir(), "openclaw-auth-"));
|
||||
process.env.OPENCLAW_OAUTH_DIR = tempOauthDir;
|
||||
});
|
||||
|
||||
afterEach(() => {
|
||||
if (prevOauthDir === undefined) {
|
||||
delete process.env.OPENCLAW_OAUTH_DIR;
|
||||
} else {
|
||||
process.env.OPENCLAW_OAUTH_DIR = prevOauthDir;
|
||||
}
|
||||
});
|
||||
|
||||
it("sanitizes path traversal sequences in accountId", () => {
|
||||
const { authDir } = resolveWhatsAppAuthDir({
|
||||
cfg: stubCfg,
|
||||
accountId: "../../../etc/passwd",
|
||||
});
|
||||
// Sanitized accountId must not escape the whatsapp auth directory.
|
||||
expect(authDir).not.toContain("..");
|
||||
expect(path.basename(authDir)).not.toContain("/");
|
||||
const baseDir = path.join(tempOauthDir, "whatsapp");
|
||||
const relative = path.relative(baseDir, authDir);
|
||||
// Sanitized accountId must stay under the whatsapp auth directory.
|
||||
expect(relative.startsWith("..")).toBe(false);
|
||||
expect(path.isAbsolute(relative)).toBe(false);
|
||||
});
|
||||
|
||||
it("sanitizes special characters in accountId", () => {
|
||||
@@ -22,11 +42,11 @@ describe("resolveWhatsAppAuthDir", () => {
|
||||
cfg: stubCfg,
|
||||
accountId: "foo/bar\\baz",
|
||||
});
|
||||
// Sprawdzaj sanityzacje na segmencie accountId, nie na calej sciezce
|
||||
// (Windows uzywa backslash jako separator katalogow).
|
||||
// Check sanitization on the accountId segment, not the full path (Windows uses backslash).
|
||||
const segment = path.basename(authDir);
|
||||
expect(segment).not.toContain("/");
|
||||
expect(segment).not.toContain("\\");
|
||||
expect(segment).toBe("foo-bar-baz");
|
||||
});
|
||||
|
||||
it("returns default directory for empty accountId", () => {
|
||||
@@ -44,4 +64,14 @@ describe("resolveWhatsAppAuthDir", () => {
|
||||
});
|
||||
expect(authDir).toMatch(/whatsapp[/\\]my-account-1$/);
|
||||
});
|
||||
|
||||
it("keeps legacy casing when a matching auth directory exists", () => {
|
||||
const legacyDir = path.join(tempOauthDir, "whatsapp", "Work");
|
||||
fs.mkdirSync(legacyDir, { recursive: true });
|
||||
const { authDir } = resolveWhatsAppAuthDir({
|
||||
cfg: stubCfg,
|
||||
accountId: "Work",
|
||||
});
|
||||
expect(authDir).toBe(legacyDir);
|
||||
});
|
||||
});
|
||||
|
||||
@@ -29,6 +29,8 @@ export type ResolvedWhatsAppAccount = {
|
||||
debounceMs?: number;
|
||||
};
|
||||
|
||||
const SAFE_ACCOUNT_SEGMENT_RE = /^[a-z0-9_-]+$/i;
|
||||
|
||||
function listConfiguredAccountIds(cfg: OpenClawConfig): string[] {
|
||||
const accounts = cfg.channels?.whatsapp?.accounts;
|
||||
if (!accounts || typeof accounts !== "object") {
|
||||
@@ -95,7 +97,30 @@ function resolveAccountConfig(
|
||||
}
|
||||
|
||||
function resolveDefaultAuthDir(accountId: string): string {
|
||||
return path.join(resolveOAuthDir(), "whatsapp", normalizeAccountId(accountId));
|
||||
const baseDir = path.join(resolveOAuthDir(), "whatsapp");
|
||||
const normalized = normalizeAccountId(accountId);
|
||||
const normalizedDir = path.join(baseDir, normalized);
|
||||
|
||||
const trimmed = accountId.trim();
|
||||
if (trimmed && trimmed !== normalized && SAFE_ACCOUNT_SEGMENT_RE.test(trimmed)) {
|
||||
const legacyDir = path.join(baseDir, trimmed);
|
||||
try {
|
||||
if (fs.existsSync(legacyDir)) {
|
||||
if (!fs.existsSync(normalizedDir)) {
|
||||
return legacyDir;
|
||||
}
|
||||
const legacyStat = fs.statSync(legacyDir);
|
||||
const normalizedStat = fs.statSync(normalizedDir);
|
||||
if (legacyStat.dev === normalizedStat.dev && legacyStat.ino === normalizedStat.ino) {
|
||||
return legacyDir;
|
||||
}
|
||||
}
|
||||
} catch {
|
||||
// ignore fs errors and fall back to normalized path
|
||||
}
|
||||
}
|
||||
|
||||
return normalizedDir;
|
||||
}
|
||||
|
||||
function resolveLegacyAuthDir(): string {
|
||||
|
||||
Reference in New Issue
Block a user