🛡️ Sentinel: [CRITICAL] 경로 탐색 취약점 수정 by seonghobae · Pull Request #49 · ContextualWisdomLab/vooster-v2-mvp

seonghobae · 2026-06-09T05:27:35Z

🚨 Severity: CRITICAL
💡 Vulnerability: vspec export gherkin 명령에서 --output 옵션의 파일 경로를 검증하지 않아 path traversal 공격이 가능했습니다.
🎯 Impact: 공격자가 ../../../etc/passwd 와 같은 악성 경로를 입력하여 프로젝트 폴더 외부에 위치한 임의의 민감한 파일에 접근하거나 덮어쓸 위험이 있었습니다.
🔧 Fix: Node.js의 path.resolve 및 path.relative 를 사용해 생성된 경로가 항상 설정된 config root 내부에 있도록 검증하는 방어 코드를 추가했습니다.
✅ Verification: npx vitest tests/gherkin.test.ts 와 전체 테스트 스위트 pnpm test가 통과하는 것을 확인했습니다.

PR created automatically by Jules for task 14294950985736443331 started by @seonghobae

exportGherkin 함수에서 사용자가 제공한 --output 옵션 경로가 config.root 외부의 파일 시스템 경로를 가리키지 못하도록 방어 코드를 추가했습니다. - path.resolve와 path.relative를 사용하여 프로젝트 외부 경로에 대한 읽기/쓰기를 제한합니다. - 경로 제한 위반 시 VspecError를 던집니다. - tests/gherkin.test.ts에 통합 테스트를 추가했습니다.

google-labs-jules · 2026-06-09T05:27:36Z

👋 Jules, reporting for duty! I'm here to lend a hand with this pull request.

When you start a review, I'll add a 👀 emoji to each comment to let you know I've read it. I'll focus on feedback directed at me and will do my best to stay out of conversations between you and other bots or reviewers to keep the noise down.

I'll push a commit with your requested changes shortly after. Please note there might be a delay between these steps, but rest assured I'm on the job!

For more direct control, you can switch me to Reactive Mode. When this mode is on, I will only act on comments where you specifically mention me with @jules. You can find this option in the Pull Request section of your global Jules UI settings. You can always switch back!

New to Jules? Learn more at jules.google/docs.

For security, I will only act on instructions from the user who triggered this task.

coderabbitai · 2026-06-09T05:27:44Z

📝 Walkthrough

Summary by CodeRabbit

릴리스 노트

버그 수정
- Gherkin 내보내기 기능에서 출력 경로 검증을 강화하여 프로젝트 범위 외부로의 파일 쓰기 시도를 방지합니다.
테스트
- 경로 검증 보안 검사를 위한 테스트 케이스가 추가되었습니다.

Walkthrough

exportGherkin 함수의 --output 인자가 프로젝트 루트 범위를 벗어나는 경로 설정을 허용하는 경로 순회 취약점을 수정합니다. 경로 검증 로직을 구현하고, 관련 테스트와 보안 문서를 추가합니다.

Changes

경로 순회 취약점 수정

Layer / File(s)	Summary
경로 순회 취약점 문서화 `.jules/sentinel.md`	exportGherkin의 --output 경로 검증 누락으로 인한 취약점을 설명하고, path.resolve를 이용한 경계 검증 방식을 문서화함.
경로 검증 로직 구현 및 import 확장 `src/export/gherkin.ts`	node:path import에 resolve, relative, isAbsolute를 추가하고, outputPath를 resolve(config.root, output)로 계산한 뒤 상대 경로로 변환하여 범위를 검증. 범위를 벗어나면 VspecError("INVALID_ARGUMENT", ...)를 던짐.
경로 순회 방지 테스트 `tests/gherkin.test.ts`	exportGherkin과 VspecError를 import하고, 상위 디렉터리 경로 입력 시 INVALID_ARGUMENT 에러가 발생하는지 검증하는 테스트 케이스를 추가.

🎯 2 (Simple) | ⏱️ ~12분

🐰 경로를 지키는 방어막이 세워졌네,
../../../ 악의를 막아내고,
프로젝트 경계 안에서만 노니는
안전한 파일들의 춤이 펼쳐진다!
resolve와 relative의 손잡음으로 ✨

Caution

Pre-merge checks failed

Please resolve all errors before merging. Addressing warnings is optional.

Ignore

❌ Failed checks (1 error)

Check name	Status	Explanation	Resolution
Docstring Coverage	❌ Error	Docstring coverage is 0.00% which is insufficient. The required threshold is 100.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	Pull request 제목이 경로 탐색 취약점 수정이라는 주요 변경 사항을 명확하게 설명하고 있으며, 변경 내용과 관련성이 높습니다.
Description check	✅ Passed	Pull request 설명이 문제점, 영향, 수정 내용, 검증 결과를 상세하게 설명하고 있으며, 변경 사항과 완전히 관련성이 높습니다.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

✨ Finishing Touches

📝 Generate docstrings

Create stacked PR
Commit on current branch

🧪 Generate unit tests (beta)

Create PR with unit tests
Commit unit tests in branch fix-path-traversal-gherkin-14294950985736443331

✨ Simplify code

Create PR with simplified code
Commit simplified code in branch fix-path-traversal-gherkin-14294950985736443331

Warning

Billing warning: we have not been able to collect payment for this subscription for more than 72 hours. Please update the payment method or pay any pending invoices in Billing to avoid service interruption.

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

coderabbitai

Actionable comments posted: 1

🧹 Nitpick comments (1)

tests/gherkin.test.ts (1)

15-22: ⚡ Quick win

테스트가 잘 작성되었으나, 추가 공격 벡터에 대한 커버리지를 보강하세요.

현재 테스트는 .. traversal 케이스를 올바르게 검증합니다. 더 포괄적인 보안 테스트를 위해 다음 케이스들을 추가로 고려하세요:

절대 경로 시도 (예: /tmp/hacked.feature)
Windows 절대 경로 (예: C:\\tmp\\hacked.feature)
루트 디렉터리 자체에 쓰기 (예: 빈 문자열 또는 .)

🧪 추가 테스트 케이스 제안

   it("prevents path traversal vulnerabilities", () => {
     // VSPEC-001 is present in the mock project root (tests/fixtures/doctor/clean) so it would succeed
     // if not for the traversal in the --output path.
     const cwd = join(import.meta.dirname, "fixtures/doctor/clean");
     expect(() =>
       exportGherkin({ key: "VSPEC-001", output: "../../../tmp/hacked.feature", cwd })
     ).toThrowError(new VspecError("INVALID_ARGUMENT", "Output path must be within the project root."));
+
+    // Absolute path attempt
+    expect(() =>
+      exportGherkin({ key: "VSPEC-001", output: "/tmp/hacked.feature", cwd })
+    ).toThrowError(new VspecError("INVALID_ARGUMENT", "Output path must be within the project root."));
+
+    // Windows absolute path attempt
+    expect(() =>
+      exportGherkin({ key: "VSPEC-001", output: "C:\\tmp\\hacked.feature", cwd })
+    ).toThrowError(new VspecError("INVALID_ARGUMENT", "Output path must be within the project root."));
   });

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@tests/gherkin.test.ts` around lines 15 - 22, Add additional security unit
tests for exportGherkin that cover absolute path attack vectors: assert that
calling exportGherkin with output set to a Unix absolute path (e.g.,
"/tmp/hacked.feature"), a Windows absolute path (e.g.,
"C:\\tmp\\hacked.feature"), and root/empty outputs (e.g., "" and ".") each
throws the same VspecError("INVALID_ARGUMENT", "Output path must be within the
project root."); place these assertions alongside the existing traversal test in
the gherkin.test.ts file so exportGherkin’s validation logic is exercised for
../ traversal, absolute paths, Windows-style absolute paths, and empty/root
output values.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@src/export/gherkin.ts`:
- Around line 43-47: The current check uses resolve/relative and isAbsolute on
outputPath but does not resolve symlinks, so an attacker can escape the project
root via symlinked directories; update the validation around outputPath (the
computed outputPath and rel variables used before throwing VspecError) to
compare real filesystem paths: obtain real paths for config.root and the
output's nearest existing ancestor (using fs.realpathSync or async fs.realpath)
and ensure the real output path starts with the real root, or alternatively walk
path segments of outputPath and lstatSync each segment to reject any symlinked
component before calling mkdirSync(dirname(outputPath)) or
writeFileSync(outputPath,...). Ensure the same checks are applied wherever
outputPath is created/used.

---

Nitpick comments:
In `@tests/gherkin.test.ts`:
- Around line 15-22: Add additional security unit tests for exportGherkin that
cover absolute path attack vectors: assert that calling exportGherkin with
output set to a Unix absolute path (e.g., "/tmp/hacked.feature"), a Windows
absolute path (e.g., "C:\\tmp\\hacked.feature"), and root/empty outputs (e.g.,
"" and ".") each throws the same VspecError("INVALID_ARGUMENT", "Output path
must be within the project root."); place these assertions alongside the
existing traversal test in the gherkin.test.ts file so exportGherkin’s
validation logic is exercised for ../ traversal, absolute paths, Windows-style
absolute paths, and empty/root output values.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

Push a commit to this branch (recommended)
Create a new PR with the fixes

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 8ec24c9b-e7d0-422e-a848-c17691ba2195

📥 Commits

Reviewing files that changed from the base of the PR and between f4223cb and c51abf7.

📒 Files selected for processing (3)

.jules/sentinel.md
src/export/gherkin.ts
tests/gherkin.test.ts

coderabbitai · 2026-06-09T05:32:38Z

+  const outputPath = resolve(config.root, output);
+  const rel = relative(config.root, outputPath);
+  if (rel.startsWith("..") || isAbsolute(rel)) {
+    throw new VspecError("INVALID_ARGUMENT", "Output path must be within the project root.");
+  }


⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash # Description: Check for symlinks in the repository and assess security impact # Find all symlinks in the repository echo "=== Symlinks in repository ===" fd -t l -H # Check if the codebase has any symlink-related security documentation echo -e "\n=== Symlink security documentation ===" rg -i "symlink" --type md -C 2

Repository: Seongho-Bae/vooster-v2-mvp

Length of output: 141

🏁 Script executed:

#!/bin/bash set -euo pipefail # Inspect the target file around the referenced lines echo "=== src/export/gherkin.ts (lines 1-120) ===" nl -ba src/export/gherkin.ts | sed -n '1,120p' # Show where config.root and output come from (best-effort) echo -e "\n=== Search for config.root usage in src/export/gherkin.ts ===" rg -n "config\.root" src/export/gherkin.ts echo -e "\n=== Search for output variable derivation in src/export/gherkin.ts ===" rg -n "output" src/export/gherkin.ts # Check for existing realpath / realpathSync usage across the repo echo -e "\n=== Search for realpath(realpathSync) usage in src ===" rg -n "realpath(Sync)?$" src # Search for other path boundary validation patterns in src echo -e "\n=== Search for resolve+relative boundary checks patterns in src ===" rg -n "relative\\(.*config\\.root|relative\\(.*root|INVALID_ARGUMENT.*Output path|startsWith\\(\"\\.\\.\"\$.*isAbsolute" src || true

Repository: Seongho-Bae/vooster-v2-mvp

Length of output: 175

🏁 Script executed:

#!/bin/bash set -euo pipefail # Inspect the target file around the referenced lines echo "=== src/export/gherkin.ts (lines 1-200) ===" awk '{printf "%d:%s\n", NR, $0}' src/export/gherkin.ts | sed -n '1,200p' # Show where config.root and output come from (best-effort) echo -e "\n=== Search for config.root usage in src/export/gherkin.ts ===" rg -n "config\.root" src/export/gherkin.ts || true echo -e "\n=== Search for output variable derivation in src/export/gherkin.ts ===" rg -n "\boutput\b" src/export/gherkin.ts || true # Check for existing realpath / realpathSync usage across the repo echo -e "\n=== Search for realpath(realpathSync) usage in src ===" rg -n "realpath(Sync)?$" src || true # Search for other path boundary validation patterns in src echo -e "\n=== Search for resolve+relative boundary checks patterns in src ===" rg -n "relative\(|resolve\(|INVALID_ARGUMENT|Output path must be within|startsWith\(\"\\.\\.\"\$|isAbsolute\(" src || true

Repository: Seongho-Bae/vooster-v2-mvp

Length of output: 5884

🏁 Script executed:

#!/bin/bash set -euo pipefail echo "=== src/files.ts (head/tail + key parts) ===" wc -l src/files.ts sed -n '1,120p' src/files.ts sed -n '120,260p' src/files.ts echo -e "\n=== src/validate/doctor.ts (root/target 처리) ===" wc -l src/validate/doctor.ts sed -n '1,160p' src/validate/doctor.ts echo -e "\n=== src/project.ts (root resolve 여부) ===" wc -l src/project.ts sed -n '1,120p' src/project.ts

Repository: Seongho-Bae/vooster-v2-mvp

Length of output: 12646

🏁 Script executed:

#!/bin/bash set -euo pipefail echo -e "\n=== exportGherkin 호출 지점 검색 ===" rg -n "exportGherkin\\(" src || true echo -e "\n=== args\\.output 또는 --output 관련 CLI 옵션 검색 ===" rg -n "--output|args\\.output|output\\?:" src || true echo -e "\n=== src/usecase-commands.ts 관련 출력 경로 생성/검증 ===" rg -n "output" src/usecase-commands.ts || true echo -e "\n=== src/cli.ts 옵션/커맨드에서 output 처리 검색 ===" rg -n "output" src/cli.ts || true echo -e "\n=== src/output.ts / 기타 파일에서 경로 검증 로직 검색 ===" rg -n "INVALID_ARGUMENT.*Output|Output path|realpath|symlink|lstat|lstatSync|realpathSync|resolve\\(.*root" src || true

Repository: Seongho-Bae/vooster-v2-mvp

Length of output: 2038

🏁 Script executed:

#!/bin/bash set -euo pipefail # Show relevant CLI output option handling around the reported line numbers wc -l src/cli.ts sed -n '240,320p' src/cli.ts # Inspect where outputSuccess/outputError wrapping happens (might contain validation) sed -n '1,120p' src/output.ts wc -l src/output.ts sed -n '1,140p' src/output.ts # Double-check no other boundary validation exists for output paths rg -n "realpath(Sync)?\\(|lstat(Sync)?\\(|readlink(Sync)?\\(|symlink" src || true rg -n "Output path must be within|INVALID_ARGUMENT\".*,.*Output|--output|options\\.output|exportGherkin\\(\\{ key, output" src/cli.ts src/export/gherkin.ts || true

Repository: Seongho-Bae/vooster-v2-mvp

Length of output: 11940

[경로 검증 우회 가능성 보강 필요] src/export/gherkin.ts (43-47) 의 resolve + relative + (..)/isAbsolute 검증은 문자열 경로 경계만 확인하므로, config.root 내부에 있는 디렉터리/경로 구성요소가 symlink으로 외부를 가리키는 경우 mkdirSync(dirname(outputPath)) 및 writeFileSync(outputPath, ...)가 프로젝트 루트 밖에 파일을 생성할 수 있습니다. 또한 코드베이스에서 이 경로 검증을 realpathSync/realpath처럼 실제 경로( symlink 해석 ) 기준으로 다시 확인하는 처리가 없습니다. fs.realpathSync()(또는 존재하는 상위 경로 기준으로 realpath 후)로 실제 경로를 비교하거나, 경로 세그먼트별로 lstatSync로 symlink을 차단하는 방식으로 보완하세요.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@src/export/gherkin.ts` around lines 43 - 47, The current check uses resolve/relative and isAbsolute on outputPath but does not resolve symlinks, so an attacker can escape the project root via symlinked directories; update the validation around outputPath (the computed outputPath and rel variables used before throwing VspecError) to compare real filesystem paths: obtain real paths for config.root and the output's nearest existing ancestor (using fs.realpathSync or async fs.realpath) and ensure the real output path starts with the real root, or alternatively walk path segments of outputPath and lstatSync each segment to reject any symlinked component before calling mkdirSync(dirname(outputPath)) or writeFileSync(outputPath,...). Ensure the same checks are applied wherever outputPath is created/used.

coderabbitai Bot suggested changes Jun 9, 2026

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

🛡️ Sentinel: [CRITICAL] 경로 탐색 취약점 수정#49

🛡️ Sentinel: [CRITICAL] 경로 탐색 취약점 수정#49
seonghobae wants to merge 1 commit into
mainfrom
fix-path-traversal-gherkin-14294950985736443331

seonghobae commented Jun 9, 2026

Uh oh!

google-labs-jules Bot commented Jun 9, 2026

Uh oh!

coderabbitai Bot commented Jun 9, 2026 •

edited

Loading

Summary by CodeRabbit

릴리스 노트

Walkthrough

Changes

Pre-merge checks failed

Uh oh!

coderabbitai Bot left a comment

Uh oh!

coderabbitai Bot Jun 9, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

seonghobae commented Jun 9, 2026

Uh oh!

google-labs-jules Bot commented Jun 9, 2026

Uh oh!

coderabbitai Bot commented Jun 9, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Summary by CodeRabbit

릴리스 노트

Walkthrough

Changes

Pre-merge checks failed

❌ Failed checks (1 error)

Uh oh!

coderabbitai Bot left a comment

Choose a reason for hiding this comment

Uh oh!

coderabbitai Bot Jun 9, 2026

Choose a reason for hiding this comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

coderabbitai Bot commented Jun 9, 2026 •

edited

Loading