[backport camel-4.14.x] CAMEL-23765: remote-file consumers - contain localWorkDirectory downloads within the work directory #24220
Merged
…oads within the work directory
Backport of #24180 to camel-4.14.x.
When localWorkDirectory was enabled, the remote-file consumers built the local work file path from the remote file name without ensuring the result stayed within the configured work directory, so a remote file name containing ../ sequences could resolve to a path outside it.
A shared GenericFileHelper.jailToLocalWorkDirectory containment check (compactPath + startsWith, mirroring the file producer's jail) is now applied to both the in-progress temp file and the final file, before mkdirs, in FtpOperations, SftpOperations, FilesOperations and SmbOperations. It reuses the existing jailStartingDirectory option (default true).
Note: camel-mina-sftp does not exist on camel-4.14.x (added later), so its MinaSftpOperations change from the main PR is not applicable here.
Source-only backport: the jailStartingDirectory producer->common label change and its regenerated metadata are intentionally omitted; the upgrade-guide entry lives on main.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
apupier approved these changes Jun 24, 2026
oscerd added a commit that referenced this pull request Jun 24, 2026
…4 upgrade guides on main (#24221) The localWorkDirectory path-traversal containment fix is backported to camel-4.18.x (#24219) and camel-4.14.x (#24220). Per the backport upgrade-guide policy the version-specific guide entries live on main; add a note for the new behaviour to the 4_18 and 4_14 guides (the 4_14 entry omits camel-mina-sftp, which does not exist on that branch). Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Backport of #24180 (CAMEL-23765) to camel-4.14.x.
What
When localWorkDirectory is enabled, the remote-file consumers built the local work file path from the remote file name without ensuring it stayed within the configured work directory — a remote name containing ../ could resolve outside it. A shared GenericFileHelper.jailToLocalWorkDirectory check (compactPath + startsWith, mirroring the file producer's jail) is now applied to the temp and final files, before mkdirs, in FtpOperations, SftpOperations, FilesOperations and SmbOperations. It reuses the existing jailStartingDirectory option (default true).
Scope notes
camel-4.14.x (added in a later release), so the main PR's MinaSftpOperations change is not applicable here.
jailStartingDirectory producer→common relabel and its regenerated metadata are intentionally omitted to keep the maintenance-branch change minimal; the upgrade-guide entry lives on main.
Tests
GenericFileHelperTest (2 tests) passes; the 4 components compile on 4.14.8-SNAPSHOT.
Claude Code on behalf of Andrea Cosentino
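
The containment check described in this PR, as an added example that is not code from the Camel PR or project: it uses java.nio's Path.normalize and Path.startsWith in place of Camel's compactPath and string startsWith. The class name, the jail helper, the .inprogress suffix and the sample remote names are assumptions made for illustration.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;

public class LocalWorkDirJail {

    // Hypothetical helper: resolve a remote file name under workDir and
    // reject any result that does not stay inside it.
    static Path jail(Path workDir, String remoteName) throws IOException {
        Path base = workDir.toAbsolutePath().normalize();
        // Assumption: remote names may use either separator and may be absolute;
        // both are mapped onto a path relative to the work directory.
        String relative = remoteName.replace('\\', '/').replaceFirst("^/+", "");
        // normalize() collapses "." and ".." lexically, without touching the disk.
        Path candidate = base.resolve(relative).normalize();
        // Path.startsWith compares whole name elements, so a sibling such as
        // "work-evil" is not treated as being inside "work".
        if (!candidate.startsWith(base) || candidate.equals(base)) {
            throw new IOException("outside local work directory: " + remoteName);
        }
        return candidate;
    }

    public static void main(String[] args) throws IOException {
        Path workDir = Files.createTempDirectory("work");
        String sibling = "../" + workDir.getFileName() + "-evil/x";
        // Constructed sample names, as a remote server might report them.
        String[] names = { "inbox/report.csv", "/inbox/report.csv",
                           "../../outside.txt", "inbox/..", sibling };
        for (String name : names) {
            try {
                // Check the final file and the in-progress temp file first ...
                Path finalFile = jail(workDir, name);
                Path tempFile = jail(workDir, name + ".inprogress");
                // ... and only then create directories on disk.
                Files.createDirectories(finalFile.getParent());
                System.out.println("OK     " + name + " -> " + workDir.relativize(finalFile)
                        + " (temp " + tempFile.getFileName() + ")");
            } catch (IOException e) {
                System.out.println("REJECT " + name);
            }
        }
    }
}
```

The check is lexical: normalize() does not resolve symbolic links, so a link that already exists inside the work directory is outside what this example covers.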