From bad7240b90feb3c882c2e7f510b738b9f1495077 Mon Sep 17 00:00:00 2001
From: Thomas Markwalder <tmark@isc.org>
Date: Fri, 23 May 2025 15:51:11 -0400
Subject: [PATCH] [#3906]  Fix root-file handling

Added changelog delta
src/lib/util/filesystem.cc
    PathChecker::validatePath() - catch root-file

src/lib/util/tests/filesystem_unittests.cc
    TEST_F(PathCheckerTest, validatePathEnforcePath)
    TEST_F(PathCheckerTest, validatePathEnforcePathFalse) -
    added test cases
---
 ...6-path-validation-should-reject-root-slash-file |  7 +++++++
 src/lib/util/filesystem.cc                         |  8 +++++---
 src/lib/util/tests/filesystem_unittests.cc         | 14 ++++++++++++++
 3 files changed, 26 insertions(+), 3 deletions(-)
 create mode 100644 changelog_unreleased/3906-path-validation-should-reject-root-slash-file

diff --git a/changelog_unreleased/3906-path-validation-should-reject-root-slash-file b/changelog_unreleased/3906-path-validation-should-reject-root-slash-file
new file mode 100644
index 0000000000..d696d3e4aa
--- /dev/null
+++ b/changelog_unreleased/3906-path-validation-should-reject-root-slash-file
@@ -0,0 +1,7 @@
+[bug]		tmark
+	Fixed an issue in path validation where
+	the opening slash in a root-file path such
+	as "/myfile.log" is discarded causing the server
+	to prepend the supported path to the file name
+	rather than reject the entry.
+	(Gitlab #3906)
diff --git a/src/lib/util/filesystem.cc b/src/lib/util/filesystem.cc
index 6d729b9a06..7d29bdb93f 100644
--- a/src/lib/util/filesystem.cc
+++ b/src/lib/util/filesystem.cc
@@ -282,16 +282,18 @@ PathChecker::validatePath(const std::string input_path_str,
     }
 
     auto parent_path = input_path.parentPath();
-    if (!parent_path.empty()) {
+    auto parent_dir = input_path.parentDirectory();
+    if (!parent_dir.empty()) {
         if (!enforce_path) {
             // Security set to lax, let it fly.
             return (input_path_str);
         }
 
         // We only allow absolute path equal to default. Catch an invalid path.
-        if (parent_path != path_) {
+        if ((parent_path != path_) || (parent_dir == "/")) {
             isc_throw(BadValue, "invalid path specified: '"
-                      << parent_path << "', supported path is '"
+                      << (parent_path.empty() ? "/" : parent_path)
+                      << "', supported path is '"
                       << path_ << "'");
         }
     }
diff --git a/src/lib/util/tests/filesystem_unittests.cc b/src/lib/util/tests/filesystem_unittests.cc
index 3d82234163..e925dcad99 100644
--- a/src/lib/util/tests/filesystem_unittests.cc
+++ b/src/lib/util/tests/filesystem_unittests.cc
@@ -308,6 +308,13 @@ TEST_F(PathCheckerTest, validatePathEnforcePath) {
     };
 
     std::list<Scenario> scenarios = {
+    {
+        // Invalid root parent path.
+        __LINE__,
+        "/mylib.so",
+        "",
+        string("invalid path specified: '/', supported path is '" + def_path + "'")
+    },
     {
         // Invalid parent path.
         __LINE__,
@@ -383,6 +390,13 @@ TEST_F(PathCheckerTest, validatePathEnforcePathFalse) {
     };
 
     std::list<Scenario> scenarios = {
+    {
+        // Invalid root parent path.
+        __LINE__,
+        "/mylib.so",
+        "/mylib.so",
+        "",
+    },
     {
         // Invalid parent path but shouldn't care.
         __LINE__,