🛡️ Sentinel: [HIGH] Gherkin 내보내기 경로 탐색 취약점 수정

[seonghobae]

🚨 Severity: HIGH
💡 Vulnerability: vspec export gherkin 실행 시 --output 옵션에 ../../ 같은 경로 탐색 문자열을 입력하면 프로젝트 루트 외부 임의의 위치에 파일을 쓸 수 있는 취약점이 발견되었습니다.
🎯 Impact: 악의적인 파일 덮어쓰기나 프로젝트 외부 영역의 파일 생성으로 인해 시스템 손상이 발생할 수 있습니다.
🔧 Fix: path.resolve로 절대 경로를 만들고 path.relative를 사용해 대상 경로가 config.root 내부에 위치하는지 엄격히 검사하도록 src/export/gherkin.ts를 수정했습니다. 검사에 실패하면 VspecError("INVALID_ARGUMENT")를 발생시킵니다.
✅ Verification: pnpm typecheck 및 pnpm test가 모두 성공하며, tests/gherkin.test.ts에 이를 방어하는 전용 테스트 케이스를 추가했습니다.

---

PR created automatically by Jules for task 16705097182536217132 started by @seonghobae

[google-labs-jules]

👋 Jules, reporting for duty! I'm here to lend a hand with this pull request.

When you start a review, I'll add a 👀 emoji to each comment to let you know I've read it. I'll focus on feedback directed at me and will do my best to stay out of conversations between you and other bots or reviewers to keep the noise down.

I'll push a commit with your requested changes shortly after. Please note there might be a delay between these steps, but rest assured I'm on the job!

For more direct control, you can switch me to Reactive Mode. When this mode is on, I will only act on comments where you specifically mention me with @jules. You can find this option in the Pull Request section of your global Jules UI settings. You can always switch back!

New to Jules? Learn more at jules.google/docs.

---

For security, I will only act on instructions from the user who triggered this task.

[greptile-apps]

Your free trial has ended. If you'd like to continue receiving code reviews, you can add a payment method here.

[coderabbitai]

Linter diff in the way? Review this PR in Change Stack to focus on meaningful changes and expand context only when needed.

📝 Walkthrough

Summary by CodeRabbit

릴리스 노트

• Bug Fixes

  • Gherkin export 기능의 보안 취약점을 수정했습니다. 출력 경로가 프로젝트 루트를 벗어나는 경우 오류를 발생시키도록 개선했습니다.

• Tests

  • 경로 검증 로직이 정상 작동하는지 확인하는 테스트를 추가했습니다.

• Documentation

  • 경로 조작 취약점에 대한 설명과 대응 방안을 문서화했습니다.

요약

Gherkin 내보내기의 --output 경로 인자가 프로젝트 루트를 벗어나는 경로 트래버설 공격에 취약했던 점을 resolve/relative 기반의 경로 검증으로 차단합니다. 취약점 문서, 구현 수정, 테스트 커버리지가 함께 추가됩니다.

변경 사항

경로 트래버설 취약점 수정

계층 / 파일(들)	요약
경로 트래버설 취약점 해결 .jules/sentinel.md, src/export/gherkin.ts	exportGherkin의 --output 인자가 프로젝트 루트를 벗어나는 경로 조작을 허용했던 취약점을 문서화합니다. resolve(config.root, output)으로 절대 경로를 구성한 뒤 relative(config.root, outputPath)가 ..로 시작하거나 절대 경로인 경우 VspecError("INVALID_ARGUMENT", ...)를 throw하여 루트 탈출을 차단합니다. path 모듈의 relative, resolve, isAbsolute 함수를 추가로 import합니다.
경로 탈출 검증 테스트 tests/gherkin.test.ts	임시 프로젝트 루트를 설정하여 exportGherkin이 상위 경로 트래버설(..)을 시도할 때 "Export path escapes the project root." 오류를 던지는지 검증하는 테스트를 추가합니다. 테스트 전후에 임시 디렉터리를 생성/삭제하고 필요한 유틸을 import합니다.

예상 코드 리뷰 난이도

🎯 3 (적정) | ⏱️ ~20분

시

악의로 위를 향해 가는 경로를 🐰
절대 경로로 구속하고
상대를 측정하여
루트에서 탈주 막겠네 🛡️
시큐어한 내보내기, 이제는 안전해! ✨

---

Caution

Pre-merge checks failed

Please resolve all errors before merging. Addressing warnings is optional.

• Ignore

❌ Failed checks (1 error)

Check name	Status	Explanation	Resolution
Docstring Coverage	❌ Error	Docstring coverage is 0.00% which is insufficient. The required threshold is 100.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	PR 제목은 경로 탐색(path traversal) 취약점 수정을 명확하게 설명하며 변경 사항의 핵심을 정확히 반영합니다.
Description check	✅ Passed	PR 설명은 취약점의 심각도, 영향, 해결 방법, 검증 내용을 상세히 기술하며 변경 사항과 완전히 일치합니다.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch sentinel/fix-path-traversal-16705097182536217132

✨ Simplify code

• Create PR with simplified code
• Commit simplified code in branch sentinel/fix-path-traversal-16705097182536217132

Warning

Billing warning: we have not been able to collect payment for this subscription for more than 72 hours. Please update the payment method or pay any pending invoices in Billing to avoid service interruption.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@src/export/gherkin.ts`:
- Around line 43-51: The current path-check uses resolve/relative string checks
which can be bypassed via symlinks; update the export flow to compare real
paths: compute realRoot = realpathSync(config.root) and realTarget =
realpathSync(dirname(outputPath)) (or realpathSync(outputPath) if it exists) and
ensure realTarget.startsWith(realRoot) before calling mkdirSync or
writeFileSync; additionally, use lstatSync on each path component as needed to
detect unexpected symlinks and fail if a symlink would escape the root
(references: outputPath, rel, config.root, mkdirSync, writeFileSync).

In `@tests/gherkin.test.ts`:
- Around line 30-37: Update the test so it asserts the thrown error is a
VspecError and that error.code === "INVALID_ARGUMENT" in addition to the
message: import or reference the VspecError symbol, replace the single
expect(...).toThrowError(...) with a try/catch around exportGherkin({ ...
output: "...." }) that fails if no error is thrown, then in the catch assert
expect(err).toBeInstanceOf(VspecError),
expect(err.code).toBe("INVALID_ARGUMENT"), and still check the message (e.g.,
expect(err.message).toMatch(/Export path escapes/)) to fully validate the error
contract thrown by exportGherkin.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: f1d9d1e1-ae32-447b-8459-7e95df4239ff

📥 Commits

Reviewing files that changed from the base of the PR and between f4278ec and 242cfe2.

📒 Files selected for processing (3)

• .jules/sentinel.md
• src/export/gherkin.ts
• tests/gherkin.test.ts

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Verify current implementation is lexical-only (no canonical/symlink guard).
rg -n 'exportGherkin|resolve\(|relative\(|realpathSync|lstatSync|writeFileSync' src/export/gherkin.ts

Repository: Seongho-Bae/vooster-v2-mvp

Length of output: 371

---

🏁 Script executed:

#!/bin/bash
sed -n '1,120p' src/export/gherkin.ts

Repository: Seongho-Bae/vooster-v2-mvp

Length of output: 2385

---

심볼릭 링크로 프로젝트 루트 경계를 우회해 쓰기가 가능함 (src/export/gherkin.ts:43-51)

현재 검사는 resolve/relative로 “문자열 경계”만 확인하고, config.root/부모/대상 경로의 realpath 및 symlink 여부를 전혀 검증하지 않습니다. 루트 내부에 symlink이 포함되면 mkdirSync(...)/writeFileSync(...)가 실제로 루트 밖을 가리키는 경로에 파일을 기록할 수 있습니다.

🔒 제안 수정안

-import { mkdirSync, readFileSync, writeFileSync } from "node:fs";
+import { existsSync, lstatSync, mkdirSync, readFileSync, realpathSync, writeFileSync } from "node:fs";
 import { dirname, join, relative, resolve, isAbsolute } from "node:path";
@@
-  const outputPath = resolve(config.root, output);
+  const rootReal = realpathSync(config.root);
+  const outputPath = resolve(rootReal, output);
 
-  const rel = relative(config.root, outputPath);
+  const rel = relative(rootReal, outputPath);
   if (rel.startsWith("..") || isAbsolute(rel)) {
     throw new VspecError("INVALID_ARGUMENT", "Export path escapes the project root.");
   }
 
   mkdirSync(dirname(outputPath), { recursive: true });
+  const parentReal = realpathSync(dirname(outputPath));
+  const parentRel = relative(rootReal, parentReal);
+  if (parentRel.startsWith("..") || isAbsolute(parentRel)) {
+    throw new VspecError("INVALID_ARGUMENT", "Export path escapes the project root.");
+  }
+  if (existsSync(outputPath) && lstatSync(outputPath).isSymbolicLink()) {
+    throw new VspecError("INVALID_ARGUMENT", "Export path escapes the project root.");
+  }
   writeFileSync(outputPath, text);

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/export/gherkin.ts` around lines 43 - 51, The current path-check uses
resolve/relative string checks which can be bypassed via symlinks; update the
export flow to compare real paths: compute realRoot = realpathSync(config.root)
and realTarget = realpathSync(dirname(outputPath)) (or realpathSync(outputPath)
if it exists) and ensure realTarget.startsWith(realRoot) before calling
mkdirSync or writeFileSync; additionally, use lstatSync on each path component
as needed to detect unexpected symlinks and fail if a symlink would escape the
root (references: outputPath, rel, config.root, mkdirSync, writeFileSync).

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Verify whether tests assert error code/type contract in addition to message.
rg -n 'Export path escapes the project root|INVALID_ARGUMENT|VspecError|toThrowError' tests/gherkin.test.ts src/export/gherkin.ts

Repository: Seongho-Bae/vooster-v2-mvp

Length of output: 338

---

에러 메시지뿐 아니라 VspecError 코드 계약도 단언하도록 테스트를 보강하세요.

• src/export/gherkin.ts는 경로 탈출 시 new VspecError("INVALID_ARGUMENT", ...)를 던지는데, tests/gherkin.test.ts는 현재 메시지만 toThrowError로 검증하고 있습니다.
• error가 VspecError인지와 error.code === "INVALID_ARGUMENT"까지 함께 확인하도록 변경해 회귀를 막아주세요.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@tests/gherkin.test.ts` around lines 30 - 37, Update the test so it asserts
the thrown error is a VspecError and that error.code === "INVALID_ARGUMENT" in
addition to the message: import or reference the VspecError symbol, replace the
single expect(...).toThrowError(...) with a try/catch around exportGherkin({ ...
output: "...." }) that fails if no error is thrown, then in the catch assert
expect(err).toBeInstanceOf(VspecError),
expect(err.code).toBe("INVALID_ARGUMENT"), and still check the message (e.g.,
expect(err.message).toMatch(/Export path escapes/)) to fully validate the error
contract thrown by exportGherkin.