Summary
SubFileSystem fails to confine operations to its declared sub path when the input path is /../ (or equivalents /../, /..\\). This path passes all validation but resolves to the root of the parent filesystem, allowing directory level operations outside the intended boundary.
Affected Component
Zio.UPath.ValidateAndNormalize
Zio.FileSystems.SubFileSystem
UPath.ValidateAndNormalize has a trailing slash optimisation.
if (!processParts && i + 1 == path.Length)
return path.Substring(0, path.Length - 1);When the input ends with / or \, and processParts is still false, the function strips the trailing separator and returns immediately before the .. resolution logic runs. The input /../ triggers this path: the trailing / is the last character, processParts has not been set (because .. as the first relative segment after root is specifically exempted), so the function returns /.. with the .. segment unresolved.
The resulting UPath with FullName = "/.." is absolute, contains no control characters, and no colon so it passes FileSystem.ValidatePath without rejection.
When this path reaches SubFileSystem.ConvertPathToDelegate:
protected override UPath ConvertPathToDelegate(UPath path)
{
var safePath = path.ToRelative(); // "/..".ToRelative() = ".."
return SubPath / safePath; // "/jail" / ".." = "/" (resolved by Combine)
}The delegate filesystem receives / (the root) instead of a path under /jail.
Proof of Concept
using Zio;
using Zio.FileSystems;
var root = new MemoryFileSystem();
root.CreateDirectory("/sandbox");
var sub = new SubFileSystem(root, "/sandbox");
Console.WriteLine(sub.DirectoryExists("/../")); // True (sees parent root)
Console.WriteLine(sub.ConvertPathToInternal("/../")); // "/" (parent root path)Impact
The escape is limited to directory level operations because appending a filename after .. (e.g., /../file.txt) causes normal .. resolution to trigger, which correctly rejects the path as going above root. Only the bare terminal /../ (which strips to /..) survives. This means that exploitability is limited, and this vulnerability does not escalate to file read/write.
References
Summary
SubFileSystemfails to confine operations to its declared sub path when the input path is/../(or equivalents/../,/..\\). This path passes all validation but resolves to the root of the parent filesystem, allowing directory level operations outside the intended boundary.Affected Component
Zio.UPath.ValidateAndNormalizeZio.FileSystems.SubFileSystemUPath.ValidateAndNormalizehas a trailing slash optimisation.When the input ends with
/or\, andprocessPartsis still false, the function strips the trailing separator and returns immediately before the..resolution logic runs. The input/../triggers this path: the trailing/is the last character,processPartshas not been set (because..as the first relative segment after root is specifically exempted), so the function returns/..with the..segment unresolved.The resulting
UPathwithFullName = "/.."is absolute, contains no control characters, and no colon so it passesFileSystem.ValidatePathwithout rejection.When this path reaches
SubFileSystem.ConvertPathToDelegate:The delegate filesystem receives
/(the root) instead of a path under/jail.Proof of Concept
Impact
The escape is limited to directory level operations because appending a filename after
..(e.g.,/../file.txt) causes normal..resolution to trigger, which correctly rejects the path as going above root. Only the bare terminal/../(which strips to/..) survives. This means that exploitability is limited, and this vulnerability does not escalate to file read/write.References