fix: prevent path traversal via prefix collision in containment check

[nezukoagent]

Summary

The path containment check uses indexOf() which only verifies string prefix, not directory boundary. This allows attackers to escape the output directory via prefix collision.

The Bug

// response-header.js:59
if (filename.indexOf("\0") !== -1 || filename.indexOf(outputPath) !== 0) {

indexOf() returns 0 if outputPath appears at the start, but doesn't check directory boundaries:

• outputPath = "/tmp/build"
• filename = "/tmp/buildcache/secret/keys.txt"
• filename.indexOf(outputPath) === 0 → true → BYPASSES CHECK!

PoC

GET /..%2fbuildcache%2fsecret%2fkeys.txt HTTP/1.1
→ path.join("/tmp/build", "/../buildcache/secret/keys.txt") = "/tmp/buildcache/secret/keys.txt"
→ indexOf("/tmp/build") = 0 → passes check
→ reads /tmp/buildcache/secret/keys.txt

Fix

Use startsWith() with trailing path separator:

const normalizedOutput = outputPath.endsWith(path.sep) ? outputPath : outputPath + path.sep;
if (filename.indexOf("\0") !== -1 || (!filename.startsWith(normalizedOutput) && filename !== outputPath)) {

References

• GHSA-27hx-7875-xvvh
• All versions 0.10.0 through 2.1.2 affected