Describe the bug
Folder name sanitization at config/folder_cache.go:67 doesn't prevent ../ sequences. A folder name containing ../ could escape the cache directory.
To reproduce
- Create folder with name like "a/../sensitive"
- sanitizeFolderName() only replaces / but not ..
- Cache files written outside intended directory
Expected behavior
Use filepath.Clean() or reject names with ..
Matcha version
master
OS
All
Additional context
File: config/folder_cache.go line 67
Security: path traversal vulnerability
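One way to implement the "reject names with .." option from the report, as an added example that is not Matcha's code: dot components are refused outright rather than normalised, because `filepath.Clean("a/../sensitive")` returns `sensitive` and would map the name onto a different folder's cache file. The helper `cacheFileFor`, the `_` replacement character, the `ErrUnsafeName` error and the sample cache directory are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

var ErrUnsafeName = errors.New("unsafe folder name")

// cacheFileFor is a hypothetical helper, not Matcha's code. It maps a folder
// name to a single file directly under cacheDir, or returns ErrUnsafeName.
func cacheFileFor(cacheDir, folder string) (string, error) {
	if strings.ContainsRune(folder, 0) {
		return "", ErrUnsafeName
	}
	// Split on both separator styles so the check also holds on Windows.
	parts := strings.FieldsFunc(folder, func(r rune) bool { return r == '/' || r == '\\' })
	if len(parts) == 0 {
		return "", ErrUnsafeName
	}
	for _, p := range parts {
		// Reject dot components instead of cleaning them away: Clean would
		// silently turn "a/../sensitive" into another folder's cache file.
		if p == "." || p == ".." {
			return "", ErrUnsafeName
		}
	}
	full := filepath.Join(cacheDir, strings.Join(parts, "_"))
	// Defence in depth: the result must still be inside cacheDir.
	rel, err := filepath.Rel(cacheDir, full)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrUnsafeName
	}
	return full, nil
}

func main() {
	// Constructed sample names.
	for _, n := range []string{"INBOX/Work", "a/../sensitive", "..", `..\..\x`} {
		p, err := cacheFileFor("/tmp/matcha-cache", n)
		fmt.Printf("%q -> %q, %v\n", n, p, err)
	}
}
```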