Skip to content

fix: Fix tilde expansion to avoid absolute-path escape #9621

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
tiffanycitra merged 1 commit into from
Jan 21, 2026
Merged

fix: Fix tilde expansion to avoid absolute-path escape #9621

tiffanycitra merged 1 commit into from
Jan 21, 2026

Conversation

@tiffanycitra
Copy link
Contributor

@tiffanycitra tiffanycitra commented Jan 21, 2026

Motivation

  • Prevent inputs like ~// or ~///etc from expanding to arbitrary absolute paths (e.g. /) because Path::join discards the left side when the right side is absolute, which could allow config values to escape HOME and broaden writable roots.

Description

  • In codex-rs/utils/absolute-path/src/lib.rs update maybe_expand_home_directory to trim leading separators from the suffix and return home when the remainder is empty so tilde expansion stays rooted under HOME.
  • Add a non-Windows unit test home_directory_double_slash_on_non_windows_is_expanded_in_deserialization that validates "~//code" expands to home.join("code").

Testing

  • Ran just fmt successfully.
  • Ran just fix -p codex-utils-absolute-path (Clippy autofix) successfully.
  • Ran cargo test -p codex-utils-absolute-path and all tests passed.

Codex Task

@tiffanycitra tiffanycitra changed the title Fix tilde expansion to avoid absolute-path escape fix: Fix tilde expansion to avoid absolute-path escape Jan 21, 2026
etraut-openai
etraut-openai approved these changes Jan 21, 2026
View reviewed changes
Copy link
Collaborator

@etraut-openai etraut-openai left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good catch!

@tiffanycitra tiffanycitra merged commit 8179312 into main Jan 21, 2026
32 checks passed
@tiffanycitra tiffanycitra deleted the codex/fix-tilde-expansion-vulnerability-in-code branch January 21, 2026 18:43
@github-actions github-actions bot locked and limited conversation to collaborators Jan 21, 2026
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@etraut-openai etraut-openai etraut-openai approved these changes

Assignees

No one assigned

Labels

aardvark codex

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@tiffanycitra @etraut-openai