AntFleet

Disagreement · bdb643be-openai-2

Session/ID values interpolated into URL paths without validation

solo GPT-5
repo 7e34f3ef·PR #1·reviewed 1 week ago

GPT-5 finding

Session/ID values interpolated into URL paths without validation

mediumsecuritymedium
  • src/bridge/createSession.ts
  • src/bridge/createSession.ts
  • src/bridge/createSession.ts
  • src/bridge/remoteBridgeCore.ts
Other bridge APIs validate server-provided IDs before placing them in path segments (validateBridgeId). These functions do not. While IDs are typically server-generated, some paths can be driven by CLI-supplied values (e.g., resume by session id). Lack of validation enables path traversal-like segments (e.g., '../../') in path composition which could reach unintended endpoints on the same host or trigger 404/403 confusion.

Recommendation

Apply the same allowlist-based validation used elsewhere (e.g., SAFE_ID_PATTERN in bridgeApi.ts) before interpolating into path segments. Reject values containing characters outside [a-zA-Z0-9_\-].

Other reviewer

The other reviewer flagged nothing in this file/line range.

Why this didn't post

This finding didn't meet AntFleet's unanimous agreement threshold. Both frontier models review every PR independently; only findings they both flag with the same severity and category are posted to the PR. This one fell through.

read the methodology →
← back to all disagreementsview public receiptssee unanimous findings + anatomies →
Tweet ↗