fix: re-scope unicode confusable check, restore 22/22 Phase-2 conformance#52
Open
gnanirahulnutakki wants to merge 2 commits into
Open
fix: re-scope unicode confusable check, restore 22/22 Phase-2 conformance#52gnanirahulnutakki wants to merge 2 commits into
gnanirahulnutakki wants to merge 2 commits into
Conversation
The test_unicode_confusable_path check in run_advanced_adversarial.py was failing because it expected DENY for a path using U+2024 ONE DOT LEADER (「․」) characters, e.g. "․․/etc/passwd". The expectation is over-strict: U+2024 is not an ASCII period, so posixpath never treats 「․․」 as a traversal segment. After cwd resolution the path becomes /tmp/safe/[U+2024][U+2024]/etc/passwd which legitimately matches the declared "/tmp/safe/*" scope via fnmatch (whose * matches across /), so the proxy's PERMIT decision is correct. Fix: - Remove the U+2024 dot-confusable path from the pass condition; keep it as telemetry/diagnostic output only - Gate pass/fail solely on the null-byte injection check, which the proxy handles correctly (always DENY) - Update test docstring and title to accurately describe what is checked - Update README.md and site/content/source/README.md Phase-2 table row to reflect the narrowed scope of the input-sanitization check The 22/22 count is unchanged — the test passes correctly after the fix. Correcting the expectation restores reproducible 22/22 conformance. Closes #38 (test re-scoped; no proxy code change required).
The site/content/source/ mirror must be regenerated via sync_source_docs.py rather than edited by hand. The previous commit wrote the correct content body but left the source_sha256 frontmatter stale. Running the sync script updates the SHA256 to match the new README.md.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Relates to #38 (left open for future dot-confusable folding discussion).
Problem
run_advanced_adversarial.py::test_unicode_confusable_pathwasreproducibly returning 21/22 because it required
DENYfor a pathcontaining U+2024 ONE DOT LEADER characters (
"․․/etc/passwd").Root cause
The check was over-strict. U+2024 (ONE DOT LEADER) is not an ASCII
period (U+002E), so the path
"․․/etc/passwd"is not a traversalattack:
_sanitize_valuedoes not fold U+2024 to.— it only foldsslash-like codepoints (
_SLASH_LIKE_CODEPOINTS)...segment checks never fire becausethe segment
"․․"≠"..".posixpath.join("/tmp/safe", "․․/etc/passwd")the resolvedpath is
/tmp/safe/[U+2024][U+2024]/etc/passwd.fnmatch.fnmatchcasewith*matches across/, so/tmp/safe/[U+2024][U+2024]/etc/passwddoes match/tmp/safe/*.PERMIT— the file lives inside thedeclared scope.
Requiring
DENYfor that path was wrong; the proxy's decision is correct.Fix
diagnostic telemetry output only.
the proxy correctly handles (always
DENY).README.mdandsite/content/source/README.mdPhase-2 tablerow to accurately describe what the test covers.
The 22-test count is unchanged. After the fix all 22 tests pass.
Test results
Phase-2 adversarial suite: 22/22 (restored from 21/22).
What was NOT changed
No proxy code (
proxy.py,_sanitize_value,_check_resource_scope)was modified. If a future decision is made to fold dot-confusable
codepoints (U+2024, U+FE52, etc.) to ASCII
.before scope matching,this test should be updated to re-add the
DENYexpectation for theU+2024 path and issue #38 should track that decision.