From 26c83cc17725676ea2a8bebbe078ede6eca6ed60 Mon Sep 17 00:00:00 2001
From: Esther Goldberg <esthermiriamgoldberg@outlook.com>
Date: Sun, 7 Apr 2024 16:22:39 -0400
Subject: [PATCH] raise error if attachment pathname contains invalid bytes

---
 snekbox/nsjail.py            | 4 ++++
 snekbox/snekio/attachment.py | 9 +++++++++
 2 files changed, 13 insertions(+)

diff --git a/snekbox/nsjail.py b/snekbox/nsjail.py
index dc093930..3ef9f51f 100644
--- a/snekbox/nsjail.py
+++ b/snekbox/nsjail.py
@@ -14,6 +14,7 @@
 from snekbox.limits.timed import time_limit
 from snekbox.result import EvalError, EvalResult
 from snekbox.snekio import FileAttachment, MemFS
+from snekbox.snekio.errors import IllegalPathError
 from snekbox.snekio.filesystem import Size
 from snekbox.utils.iter import iter_lstrip
 
@@ -244,6 +245,9 @@ def _parse_attachments(
         except TimeoutError as e:
             log.info(f"Exceeded time limit while parsing attachments: {e}")
             raise EvalError("TimeoutError: Exceeded time limit while parsing attachments") from e
+        except IllegalPathError as e:
+            log.info(f"Invalid bytes in filename while parsing attachments: {e}")
+            raise EvalError("FileParsingError: invalid bytes in filename while parsing attachments")
         except Exception as e:
             log.exception(f"Unexpected {type(e).__name__} while parse attachments", exc_info=e)
             raise EvalError("FileParsingError: Unknown error while parsing attachments") from e
diff --git a/snekbox/snekio/attachment.py b/snekbox/snekio/attachment.py
index 73e26b8f..72426e5d 100644
--- a/snekbox/snekio/attachment.py
+++ b/snekbox/snekio/attachment.py
@@ -67,8 +67,17 @@ def from_path(cls, file: Path, relative_to: Path | None = None) -> FileAttachmen
         Args:
             file: The file to attach.
             relative_to: The root for the path name.
+        Raises:
+            IllegalPathError: If path name contains characters that can't be encoded in UTF-8
         """
         path = file.relative_to(relative_to) if relative_to else file
+
+        # Disallow filenames with chars that can't be encoded in UTF-8
+        try:
+            str(path).encode("utf-8")
+        except UnicodeEncodeError as e:
+            raise IllegalPathError("File paths may not contain invalid byte sequences") from e
+
         return cls(str(path), file.read_bytes())
 
     @property