admin/Moltbot
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

refactor(security): harden temp-path handling for inbound media

Browse Source
This commit is contained in:
Peter Steinberger
2026-02-19 14:06:11 +01:00
parent 9f9cd5cbb2
commit ec232a9e2d
10 changed files with 235 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
extensions/feishu/src/bot.ts
View File

@@ -7,11 +7,14 @@ import {
DEFAULT_GROUP_HISTORY_LIMIT,
type HistoryEntry,
} from "openclaw/plugin-sdk";
import type { FeishuMessageContext, FeishuMediaInfo, ResolvedFeishuAccount } from "./types.js";
import type { DynamicAgentCreationConfig } from "./types.js";
import { resolveFeishuAccount } from "./accounts.js";
import { createFeishuClient } from "./client.js";
import { tryRecordMessage } from "./dedup.js";
import { maybeCreateDynamicAgent } from "./dynamic-agent.js";
import { downloadImageFeishu, downloadMessageResourceFeishu } from "./media.js";
import { normalizeFeishuExternalKey } from "./external-keys.js";
import { downloadMessageResourceFeishu } from "./media.js";
import { extractMentionTargets, extractMessageBody, isMentionForwardRequest } from "./mention.js";
import {
resolveFeishuGroupConfig,
@@ -22,8 +25,6 @@ import {
import { createFeishuReplyDispatcher } from "./reply-dispatcher.js";
import { getFeishuRuntime } from "./runtime.js";
import { getMessageFeishu, sendMessageFeishu } from "./send.js";
import type { FeishuMessageContext, FeishuMediaInfo, ResolvedFeishuAccount } from "./types.js";
import type { DynamicAgentCreationConfig } from "./types.js";
// --- Permission error extraction ---
// Extract permission grant URL from Feishu API error response.
@@ -224,18 +225,20 @@ function parseMediaKeys(
} {
try {
const parsed = JSON.parse(content);
const imageKey = normalizeFeishuExternalKey(parsed.image_key);
const fileKey = normalizeFeishuExternalKey(parsed.file_key);
switch (messageType) {
case "image":
return { imageKey: parsed.image_key };
return { imageKey };
case "file":
return { fileKey: parsed.file_key, fileName: parsed.file_name };
return { fileKey, fileName: parsed.file_name };
case "audio":
return { fileKey: parsed.file_key };
return { fileKey };
case "video":
// Video has both file_key (video) and image_key (thumbnail)
return { fileKey: parsed.file_key, imageKey: parsed.image_key };
return { fileKey, imageKey };
case "sticker":
return { fileKey: parsed.file_key };
return { fileKey };
default:
return {};
}
@@ -277,7 +280,10 @@ function parsePostContent(content: string): {
}
} else if (element.tag === "img" && element.image_key) {
// Embedded image
imageKeys.push(element.image_key);
const imageKey = normalizeFeishuExternalKey(element.image_key);
if (imageKey) {
imageKeys.push(imageKey);
}
}
}
textContent += "\n";

20
extensions/feishu/src/external-keys.test.ts Normal file
View File

@@ -0,0 +1,20 @@
import { describe, expect, it } from "vitest";
import { normalizeFeishuExternalKey } from "./external-keys.js";
describe("normalizeFeishuExternalKey", () => {
it("accepts a normal feishu key and trims surrounding spaces", () => {
expect(normalizeFeishuExternalKey(" img_v3_01abcDEF123 ")).toBe("img_v3_01abcDEF123");
});
it("rejects traversal and path separator patterns", () => {
expect(normalizeFeishuExternalKey("../etc/passwd")).toBeUndefined();
expect(normalizeFeishuExternalKey("a/../../b")).toBeUndefined();
expect(normalizeFeishuExternalKey("a\\..\\b")).toBeUndefined();
});
it("rejects empty, non-string, and control-char values", () => {
expect(normalizeFeishuExternalKey(" ")).toBeUndefined();
expect(normalizeFeishuExternalKey(123)).toBeUndefined();
expect(normalizeFeishuExternalKey("abc\u0000def")).toBeUndefined();
});
});

19
extensions/feishu/src/external-keys.ts Normal file
View File

@@ -0,0 +1,19 @@
const CONTROL_CHARS_RE = /[\u0000-\u001f\u007f]/;
const MAX_EXTERNAL_KEY_LENGTH = 512;
export function normalizeFeishuExternalKey(value: unknown): string | undefined {
if (typeof value !== "string") {
return undefined;
}
const normalized = value.trim();
if (!normalized || normalized.length > MAX_EXTERNAL_KEY_LENGTH) {
return undefined;
}
if (CONTROL_CHARS_RE.test(normalized)) {
return undefined;
}
if (normalized.includes("/") || normalized.includes("\\") || normalized.includes("..")) {
return undefined;
}
return normalized;
}

40
extensions/feishu/src/media.test.ts
View File

@@ -199,8 +199,8 @@ describe("sendMediaFeishu msg_type routing", () => {
expect(messageReplyMock).not.toHaveBeenCalled();
});
it("does not include imageKey path segments in temp file path", async () => {
const maliciousImageKey = "a/../../../../pwned.txt";
it("uses isolated temp paths for image downloads", async () => {
const imageKey = "img_v3_01abc123";
let capturedPath: string | undefined;
imageGetMock.mockResolvedValueOnce({
@@ -212,12 +212,12 @@ describe("sendMediaFeishu msg_type routing", () => {
const result = await downloadImageFeishu({
cfg: {} as any,
imageKey: maliciousImageKey,
imageKey,
});
expect(result.buffer).toEqual(Buffer.from("image-data"));
expect(capturedPath).toBeDefined();
expect(capturedPath).not.toContain(maliciousImageKey);
expect(capturedPath).not.toContain(imageKey);
expect(capturedPath).not.toContain("..");
const tmpRoot = path.resolve(os.tmpdir());
@@ -226,8 +226,8 @@ describe("sendMediaFeishu msg_type routing", () => {
expect(rel === ".." || rel.startsWith(`..${path.sep}`)).toBe(false);
});
it("does not include fileKey path segments in temp file path", async () => {
const maliciousFileKey = "x/../../../../../etc/hosts";
it("uses isolated temp paths for message resource downloads", async () => {
const fileKey = "file_v3_01abc123";
let capturedPath: string | undefined;
messageResourceGetMock.mockResolvedValueOnce({
@@ -240,13 +240,13 @@ describe("sendMediaFeishu msg_type routing", () => {
const result = await downloadMessageResourceFeishu({
cfg: {} as any,
messageId: "om_123",
fileKey: maliciousFileKey,
fileKey,
type: "image",
});
expect(result.buffer).toEqual(Buffer.from("resource-data"));
expect(capturedPath).toBeDefined();
expect(capturedPath).not.toContain(maliciousFileKey);
expect(capturedPath).not.toContain(fileKey);
expect(capturedPath).not.toContain("..");
const tmpRoot = path.resolve(os.tmpdir());
@@ -254,4 +254,28 @@ describe("sendMediaFeishu msg_type routing", () => {
const rel = path.relative(tmpRoot, resolved);
expect(rel === ".." || rel.startsWith(`..${path.sep}`)).toBe(false);
});
it("rejects invalid image keys before calling feishu api", async () => {
await expect(
downloadImageFeishu({
cfg: {} as any,
imageKey: "a/../../bad",
}),
).rejects.toThrow("invalid image_key");
expect(imageGetMock).not.toHaveBeenCalled();
});
it("rejects invalid file keys before calling feishu api", async () => {
await expect(
downloadMessageResourceFeishu({
cfg: {} as any,
messageId: "om_123",
fileKey: "x/../../bad",
type: "file",
}),
).rejects.toThrow("invalid file_key");
expect(messageResourceGetMock).not.toHaveBeenCalled();
});
});

31
extensions/feishu/src/media.ts
View File

@@ -1,10 +1,10 @@
import fs from "fs";
import os from "os";
import { withTempDownloadPath, type ClawdbotConfig } from "openclaw/plugin-sdk";
import path from "path";
import { Readable } from "stream";
import type { ClawdbotConfig } from "openclaw/plugin-sdk";
import { resolveFeishuAccount } from "./accounts.js";
import { createFeishuClient } from "./client.js";
import { normalizeFeishuExternalKey } from "./external-keys.js";
import { getFeishuRuntime } from "./runtime.js";
import { assertFeishuMessageApiSuccess, toFeishuSendResult } from "./send-result.js";
import { resolveReceiveIdType, normalizeFeishuTarget } from "./targets.js";
@@ -20,19 +20,6 @@ export type DownloadMessageResourceResult = {
fileName?: string;
};
async function withTempDownloadPath<T>(
prefix: string,
fn: (tmpPath: string) => Promise<T>,
): Promise<T> {
const dir = await fs.promises.mkdtemp(path.join(os.tmpdir(), prefix));
const tmpPath = path.join(dir, "download.bin");
try {
return await fn(tmpPath);
} finally {
await fs.promises.rm(dir, { recursive: true, force: true }).catch(() => {});
}
}
async function readFeishuResponseBuffer(params: {
response: unknown;
tmpDirPrefix: string;
@@ -66,7 +53,7 @@ async function readFeishuResponseBuffer(params: {
return Buffer.concat(chunks);
}
if (typeof responseAny.writeFile === "function") {
return await withTempDownloadPath(params.tmpDirPrefix, async (tmpPath) => {
return await withTempDownloadPath({ prefix: params.tmpDirPrefix }, async (tmpPath) => {
await responseAny.writeFile(tmpPath);
return await fs.promises.readFile(tmpPath);
});
@@ -101,6 +88,10 @@ export async function downloadImageFeishu(params: {
accountId?: string;
}): Promise<DownloadImageResult> {
const { cfg, imageKey, accountId } = params;
const normalizedImageKey = normalizeFeishuExternalKey(imageKey);
if (!normalizedImageKey) {
throw new Error("Feishu image download failed: invalid image_key");
}
const account = resolveFeishuAccount({ cfg, accountId });
if (!account.configured) {
throw new Error(`Feishu account "${account.accountId}" not configured`);
@@ -109,7 +100,7 @@ export async function downloadImageFeishu(params: {
const client = createFeishuClient(account);
const response = await client.im.image.get({
path: { image_key: imageKey },
path: { image_key: normalizedImageKey },
});
const buffer = await readFeishuResponseBuffer({
@@ -132,6 +123,10 @@ export async function downloadMessageResourceFeishu(params: {
accountId?: string;
}): Promise<DownloadMessageResourceResult> {
const { cfg, messageId, fileKey, type, accountId } = params;
const normalizedFileKey = normalizeFeishuExternalKey(fileKey);
if (!normalizedFileKey) {
throw new Error("Feishu message resource download failed: invalid file_key");
}
const account = resolveFeishuAccount({ cfg, accountId });
if (!account.configured) {
throw new Error(`Feishu account "${account.accountId}" not configured`);
@@ -140,7 +135,7 @@ export async function downloadMessageResourceFeishu(params: {
const client = createFeishuClient(account);
const response = await client.im.messageResource.get({
path: { message_id: messageId, file_key: fileKey },
path: { message_id: messageId, file_key: normalizedFileKey },
params: { type },
});