Sanitize file paths before config loading Change-Id: Id27ef65ec0575fd4bc9ddfc4927f4f3e685eced2

commit: ed787d0485f8ca411328b534a52f980255e92657 [log] [tgz]
author: Akron <nils@diewald-online.de> Wed May 20 12:31:07 2026 +0200
committer: Akron <nils@diewald-online.de> Wed May 20 12:31:07 2026 +0200
tree: 5ffd085b1fdee1d0f6ca6d3c944822a27f1f84c0
parent: e6767de5397f8861f5cfbf5f210b72ed443398b3 [diff] [blame]
diff --git a/cmd/koralmapper/main.go b/cmd/koralmapper/main.go
index 9fc6f5d..eac2984 100644
--- a/cmd/koralmapper/main.go
+++ b/cmd/koralmapper/main.go

@@ -222,6 +222,16 @@
 }
 
 func main() {
+	// Confine config file loading to the current working directory tree
+	// (path traversal prevention). Can be overridden via the "basePath"
+	// YAML field or the KORAL_MAPPER_BASE_PATH environment variable.
+	// In Docker (WORKDIR /), the default "/" naturally allows all paths.
+	cwd, err := os.Getwd()
+	if err != nil {
+		log.Fatal().Err(err).Msg("Failed to determine working directory")
+	}
+	config.AllowedBasePath = cwd
+
 	// Parse command line flags
 	cfg := parseConfig()
 
@@ -242,6 +252,11 @@
 		log.Fatal().Err(err).Msg("Failed to load configuration")
 	}
 
+	// Apply basePath from config/env if specified (overrides CWD default)
+	if yamlConfig.BasePath != "" {
+		config.AllowedBasePath = yamlConfig.BasePath
+	}
+
 	finalPort := yamlConfig.Port
 	finalLogLevel := yamlConfig.LogLevel
commit	ed787d0485f8ca411328b534a52f980255e92657	[log] [tgz]
author	Akron <nils@diewald-online.de>	Wed May 20 12:31:07 2026 +0200
committer	Akron <nils@diewald-online.de>	Wed May 20 12:31:07 2026 +0200
tree	5ffd085b1fdee1d0f6ca6d3c944822a27f1f84c0
parent	e6767de5397f8861f5cfbf5f210b72ed443398b3 [diff] [blame]