fix(security): sanitize filenames in all prompt file operations (CWE-22) (#7462)

--------- Co-authored-by: Alex Chen <ffulbtech@gmail.com>
2026-04-06 15:13:38 +00:00 · 2026-04-03 19:36:50 -03:00 · 2026-04-03 19:36:50 -03:00 · 8ecdb41078
commit 8ecdb41078
parent 5fb8c4fbd6
3 changed files with 11 additions and 2 deletions
--- a/modules/ui_notebook.py
+++ b/modules/ui_notebook.py
@ -11,7 +11,7 @@ from modules.text_generation import (
    get_token_ids,
    stop_everything_event
 )
-from modules.utils import gradio
+from modules.utils import gradio, sanitize_filename

 _notebook_file_lock = threading.Lock()
 _notebook_auto_save_timer = None
@ -202,6 +202,7 @@ def handle_new_prompt():


 def handle_delete_prompt_confirm_notebook(prompt_name):
+    prompt_name = sanitize_filename(prompt_name)
    available_prompts = utils.get_available_prompts()
    current_index = available_prompts.index(prompt_name) if prompt_name in available_prompts else 0

@ -233,6 +234,8 @@ def handle_rename_prompt_click_notebook(current_name):


 def handle_rename_prompt_confirm_notebook(new_name, current_name):
+    new_name = sanitize_filename(new_name)
+    current_name = sanitize_filename(current_name)
    old_path = shared.user_data_dir / "logs" / "notebook" / f"{current_name}.txt"
    new_path = shared.user_data_dir / "logs" / "notebook" / f"{new_name}.txt"

@ -249,6 +252,7 @@ def handle_rename_prompt_confirm_notebook(new_name, current_name):

 def autosave_prompt(text, prompt_name):
    """Automatically save the text to the selected prompt file"""
+    prompt_name = sanitize_filename(prompt_name)
    if prompt_name and text.strip():
        prompt_path = shared.user_data_dir / "logs" / "notebook" / f"{prompt_name}.txt"
        prompt_path.parent.mkdir(parents=True, exist_ok=True)