mirror of
https://github.com/TauricResearch/TradingAgents.git
synced 2026-05-02 06:53:16 +03:00
2c97bad45c
The ticker symbol reaches three filesystem-path construction sites (load_ohlcv cache filename, checkpointer DB path, _log_state results directory) without validation. A value containing path separators or "../" escapes the configured cache / checkpoints / results directory. Two attack vectors: - Programmatic callers passing arbitrary ticker to propagate() - Prompt injection via fetched news content steering the LLM into tool calls with attacker-chosen ticker Fix: new safe_ticker_component() validator in tradingagents/dataflows/ utils.py applied at all three sites. Allows the standard ticker character set ([A-Za-z0-9._\-\^], up to 32 chars) and explicitly rejects dot-only values like "." and ".." which would otherwise pass the regex but traverse parent directories. Seven test cases cover the accepted formats (BRK-B, 7203.T, ^GSPC, etc.) and the rejected inputs (path separators, null bytes, whitespace, empty values, overlong strings, dot-only values). Closes #618.
53 lines
1.9 KiB
Python
53 lines
1.9 KiB
Python
"""Tests for the ticker path-component validator that blocks directory traversal."""
|
|
|
|
import os
|
|
import unittest
|
|
|
|
import pytest
|
|
|
|
from tradingagents.dataflows.utils import safe_ticker_component
|
|
|
|
|
|
@pytest.mark.unit
|
|
class TestSafeTickerComponent(unittest.TestCase):
|
|
def test_accepts_common_ticker_formats(self):
|
|
for ticker in ("AAPL", "BRK-B", "BRK.A", "0700.HK", "7203.T", "BHP.AX", "^GSPC"):
|
|
self.assertEqual(safe_ticker_component(ticker), ticker)
|
|
|
|
def test_rejects_path_separators(self):
|
|
for bad in (".", "..", "../etc", "a/b", "a\\b", "/abs", "..\\..\\x"):
|
|
with self.assertRaises(ValueError):
|
|
safe_ticker_component(bad)
|
|
|
|
def test_rejects_null_byte_and_whitespace(self):
|
|
for bad in ("AAP L", "AAPL\x00", "AAPL\n", "\tAAPL"):
|
|
with self.assertRaises(ValueError):
|
|
safe_ticker_component(bad)
|
|
|
|
def test_rejects_empty_or_non_string(self):
|
|
for bad in ("", None, 123, b"AAPL"):
|
|
with self.assertRaises(ValueError):
|
|
safe_ticker_component(bad)
|
|
|
|
def test_rejects_overlong_input(self):
|
|
with self.assertRaises(ValueError):
|
|
safe_ticker_component("A" * 33)
|
|
|
|
def test_rejects_dot_only_values(self):
|
|
# '.' and '..' pass the regex but traverse when used as a path
|
|
# component (e.g. ``Path(results_dir) / ticker / "logs"``).
|
|
for bad in (".", "..", "...", "...."):
|
|
with self.assertRaises(ValueError):
|
|
safe_ticker_component(bad)
|
|
|
|
def test_traversal_string_does_not_escape_join(self):
|
|
"""Sanity: sanitized values stay within base when joined."""
|
|
base = os.path.realpath("/tmp/cache")
|
|
ticker = safe_ticker_component("AAPL")
|
|
joined = os.path.realpath(os.path.join(base, f"{ticker}.csv"))
|
|
self.assertTrue(joined.startswith(base + os.sep))
|
|
|
|
|
|
if __name__ == "__main__":
|
|
unittest.main()
|