strict directories validation

Author: mashraf-222

codeflash/cli_cmds/cmd_init.py

@@ -33,6 +33,7 @@
 from codeflash.code_utils.github_utils import get_github_secrets_page_url
 from codeflash.code_utils.oauth_handler import perform_oauth_signin
 from codeflash.code_utils.shell_utils import get_shell_rc_path, is_powershell, save_api_key_to_rc
+from codeflash.code_utils.code_utils import validate_relative_directory_path
 from codeflash.either import is_successful
 from codeflash.lsp.helpers import is_LSP_enabled
 from codeflash.telemetry.posthog_cf import ph
@@ -356,20 +357,32 @@ def collect_setup_info() -> CLISetupInfo:
         console.print(custom_panel)
         console.print()
 
-        custom_questions = [
-            inquirer.Path(
-                "custom_path",
-                message="Enter the path to your module directory",
-                path_type=inquirer.Path.DIRECTORY,
-                exists=True,
-            )
-        ]
+        # Retry loop for custom module root path
+        module_root = None
+        while module_root is None:
+            custom_questions = [
+                inquirer.Path(
+                    "custom_path",
+                    message="Enter the path to your module directory",
+                    path_type=inquirer.Path.DIRECTORY,
+                    exists=True,
+                )
+            ]
 
-        custom_answers = inquirer.prompt(custom_questions, theme=CodeflashTheme())
-        if custom_answers:
-            module_root = Path(custom_answers["custom_path"])
-        else:
-            apologize_and_exit()
+            custom_answers = inquirer.prompt(custom_questions, theme=CodeflashTheme())
+            if not custom_answers:
+                apologize_and_exit()
+                return  # unreachable but satisfies type checker
+
+            custom_path_str = str(custom_answers["custom_path"])
+            # Validate the path is safe
+            is_valid, error_msg = validate_relative_directory_path(custom_path_str)
+            if not is_valid:
+                click.echo(f"❌ Invalid path: {error_msg}")
+                click.echo("Please enter a valid relative directory path.")
+                console.print()  # Add spacing before retry
+                continue  # Retry the prompt
+            module_root = Path(custom_path_str)
     else:
         module_root = module_root_answer
     ph("cli-project-root-provided")
@@ -427,20 +440,32 @@ def collect_setup_info() -> CLISetupInfo:
         console.print(custom_tests_panel)
         console.print()
 
-        custom_tests_questions = [
-            inquirer.Path(
-                "custom_tests_path",
-                message="Enter the path to your tests directory",
-                path_type=inquirer.Path.DIRECTORY,
-                exists=True,
-            )
-        ]
+        # Retry loop for custom tests root path
+        tests_root = None
+        while tests_root is None:
+            custom_tests_questions = [
+                inquirer.Path(
+                    "custom_tests_path",
+                    message="Enter the path to your tests directory",
+                    path_type=inquirer.Path.DIRECTORY,
+                    exists=True,
+                )
+            ]
 
-        custom_tests_answers = inquirer.prompt(custom_tests_questions, theme=CodeflashTheme())
-        if custom_tests_answers:
-            tests_root = Path(curdir) / Path(custom_tests_answers["custom_tests_path"])
-        else:
-            apologize_and_exit()
+            custom_tests_answers = inquirer.prompt(custom_tests_questions, theme=CodeflashTheme())
+            if not custom_tests_answers:
+                apologize_and_exit()
+                return  # unreachable but satisfies type checker
+
+            custom_tests_path_str = str(custom_tests_answers["custom_tests_path"])
+            # Validate the path is safe
+            is_valid, error_msg = validate_relative_directory_path(custom_tests_path_str)
+            if not is_valid:
+                click.echo(f"❌ Invalid path: {error_msg}")
+                click.echo("Please enter a valid relative directory path.")
+                console.print()  # Add spacing before retry
+                continue  # Retry the prompt
+            tests_root = Path(curdir) / Path(custom_tests_path_str)
     else:
         tests_root = Path(curdir) / Path(cast("str", tests_root_answer))
 

codeflash/code_utils/code_utils.py

@@ -376,3 +376,83 @@ def extract_unique_errors(pytest_output: str) -> set[str]:
             unique_errors.add(error_message)
 
     return unique_errors
+
+
+def validate_relative_directory_path(path: str) -> tuple[bool, str]:
+    """Validate that a path is a safe relative directory path.
+    
+    Prevents path traversal attacks and invalid paths.
+    Works cross-platform (Windows, Linux, macOS).
+    
+    Args:
+        path: The path string to validate
+        
+    Returns:
+        tuple[bool, str]: (is_valid, error_message)
+        - is_valid: True if path is valid, False otherwise
+        - error_message: Empty string if valid, error description if invalid
+    """
+    if not path or not path.strip():
+        return False, "Path cannot be empty"
+    
+    # Normalize whitespace
+    path = path.strip()
+    
+    # Check for shell commands or dangerous patterns
+    dangerous_patterns = [
+        "cd ",
+        "ls ",
+        "rm ",
+        "mkdir ",
+        "rmdir ",
+        "del ",
+        "dir ",
+        "type ",
+        "cat ",
+        "echo ",
+        "&&",
+        "||",
+        ";",
+        "|",
+        ">",
+        "<",
+        "$",
+        "`",
+    ]
+    path_lower = path.lower()
+    for pattern in dangerous_patterns:
+        if pattern in path_lower:
+            return False, f"Path contains invalid characters or commands: {pattern.strip()}"
+    
+    # Check for path traversal attempts (cross-platform)
+    # Normalize path separators for checking
+    normalized = path.replace("\\", "/")
+    if ".." in normalized:
+        return False, "Path cannot contain '..' (parent directory traversal)"
+    
+    # Check for absolute paths (Windows and Unix)
+    if os.path.isabs(path):
+        return False, "Path must be relative, not absolute"
+    
+    # Check for invalid characters (OS-specific)
+    invalid_chars = set()
+    if os.name == "nt":  # Windows
+        invalid_chars = {'<', '>', ':', '"', '|', '?', '*'}
+    else:  # Unix-like
+        invalid_chars = {'\0'}
+    
+    if any(char in path for char in invalid_chars):
+        return False, f"Path contains invalid characters for this operating system"
+    
+    # Validate using pathlib to ensure it's a valid path structure
+    try:
+        path_obj = Path(path)
+        # Check if path would resolve outside the current directory
+        # This is a safety check for edge cases
+        parts = path_obj.parts
+        if any(part == ".." for part in parts):
+            return False, "Path cannot contain '..' (parent directory traversal)"
+    except (ValueError, OSError) as e:
+        return False, f"Invalid path format: {str(e)}"
+    
+    return True, ""

codeflash/lsp/beta.py

@@ -23,6 +23,7 @@
     get_valid_subdirs,
     is_valid_pyproject_toml,
 )
+from codeflash.code_utils.code_utils import validate_relative_directory_path
 from codeflash.code_utils.git_utils import git_root_dir
 from codeflash.code_utils.git_worktree_utils import create_worktree_snapshot_commit
 from codeflash.code_utils.shell_utils import save_api_key_to_rc
@@ -191,9 +192,16 @@ def get_config_value(key: str, default: str = "") -> str:
         return getattr(cfg, key, default)
 
     tests_root = get_config_value("tests_root", "")
-    # Validate tests_root directory exists if provided
+    # Validate tests_root path format and safety
     if tests_root:
-        # Resolve path relative to config file directory or current working directory
+        is_valid, error_msg = validate_relative_directory_path(tests_root)
+        if not is_valid:
+            return {
+                "status": "error",
+                "message": f"Invalid 'tests_root': {error_msg}",
+                "field_errors": {"tests_root": error_msg},
+            }
+        # Validate tests_root directory exists if provided
         base_dir = cfg_file.parent if cfg_file else Path.cwd()
         tests_root_path = (base_dir / tests_root).resolve()
         if not tests_root_path.exists() or not tests_root_path.is_dir():
@@ -203,8 +211,19 @@ def get_config_value(key: str, default: str = "") -> str:
                 "field_errors": {"tests_root": f"Directory does not exist at {tests_root_path}"},
             }
 
+    # Validate module_root path format and safety
+    module_root = get_config_value("module_root", "")
+    if module_root:
+        is_valid, error_msg = validate_relative_directory_path(module_root)
+        if not is_valid:
+            return {
+                "status": "error",
+                "message": f"Invalid 'module_root': {error_msg}",
+                "field_errors": {"module_root": error_msg},
+            }
+
     setup_info = VsCodeSetupInfo(
-        module_root=get_config_value("module_root", ""),
+        module_root=module_root,
         tests_root=tests_root,
         test_framework=get_config_value("test_framework", "pytest"),
         formatter=get_formatter_cmds(get_config_value("formatter_cmds", "disabled")),