You've already forked agentic-coding-workflow
ACP / MCP 完善
This commit is contained in:
@@ -4,11 +4,11 @@ import (
|
||||
"context"
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"fmt"
|
||||
"io/fs"
|
||||
"os"
|
||||
"path/filepath"
|
||||
"strings"
|
||||
|
||||
"github.com/yan1h/agent-coding-workflow/internal/acp/pathsafe"
|
||||
)
|
||||
|
||||
// FsReadHandler handles fs/read_text_file (spec §5.4).
|
||||
@@ -75,34 +75,9 @@ func sliceLines(s string, line, limit *int) string {
|
||||
return strings.Join(lines[start:end], "\n")
|
||||
}
|
||||
|
||||
// resolveSafePath duplicates the logic from internal/acp.ResolveSafePath to
|
||||
// avoid an import cycle (handlers is a sub-package and acp imports handlers).
|
||||
// resolveSafePath 委托共享实现 pathsafe.ResolveSafePath。
|
||||
// handlers 子包不能 import internal/acp 主包(acp 依赖 handlers,会循环),
|
||||
// 故校验逻辑抽到 internal/acp/pathsafe 子包共用。
|
||||
func resolveSafePath(cwd, requested string) (string, error) {
|
||||
if !filepath.IsAbs(cwd) {
|
||||
return "", fmt.Errorf("cwd must be absolute")
|
||||
}
|
||||
cleanCwd := filepath.Clean(cwd)
|
||||
var abs string
|
||||
if filepath.IsAbs(requested) {
|
||||
abs = filepath.Clean(requested)
|
||||
} else {
|
||||
abs = filepath.Clean(filepath.Join(cleanCwd, requested))
|
||||
}
|
||||
if !hasPathPrefix(abs, cleanCwd) {
|
||||
return "", fmt.Errorf("path outside worktree")
|
||||
}
|
||||
if real, err := filepath.EvalSymlinks(abs); err == nil {
|
||||
if !hasPathPrefix(real, cleanCwd) {
|
||||
return "", fmt.Errorf("path resolves outside worktree via symlink")
|
||||
}
|
||||
}
|
||||
return abs, nil
|
||||
}
|
||||
|
||||
func hasPathPrefix(abs, base string) bool {
|
||||
if abs == base {
|
||||
return true
|
||||
}
|
||||
sep := string(filepath.Separator)
|
||||
return strings.HasPrefix(abs, base+sep)
|
||||
return pathsafe.ResolveSafePath(cwd, requested)
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user