Merge pull request #467 from intel/ankit/ov_config_loader_v4

fix: Securing load_config path parsing
intel · Oct 4, 2024 · 783b147 · 783b147
2 parents dd49e37 + fc3b92e
commit 783b147
Showing 1 changed file with 20 additions and 0 deletions.
diff --git a/onnxruntime/core/providers/openvino/openvino_provider_factory.cc b/onnxruntime/core/providers/openvino/openvino_provider_factory.cc
@@ -199,6 +199,26 @@ struct OpenVINO_Provider : Provider {
 
     if (provider_options_map.find("load_config") != provider_options_map.end()) {
       load_config = provider_options_map.at("load_config");
+
+      // Enforce that the input path is absolute, reject if not
+      if (!std::filesystem::path(load_config).is_absolute()) {
+        throw std::invalid_argument("The config file path must be an absolute path: " + load_config);
+      }
+
+      auto resolve_path = [&](const std::string& path) -> std::string {
+        std::filesystem::path fs_path = path;
+        // Canonicalize the path to resolve symbolic links and remove '..' or '.'
+        try {
+          fs_path = std::filesystem::canonical(fs_path);
+        } catch (const std::filesystem::filesystem_error& e) {
+          throw std::runtime_error("Error resolving config file path: " + std::string(e.what()));
+        }
+        return fs_path.string();
+      };
+
+      // Expand and resolve the filename to its canonical form
+      std::string resolved_filename = resolve_path(load_config);
+      load_config = resolved_filename;
     }
 
     if (provider_options_map.find("context") != provider_options_map.end()) {