Skip to content

Validate artifact_id in FileSystemArtifactStore to prevent path traversal#6432

Merged
y0z merged 1 commit intooptuna:masterfrom
RinZ27:fix/filesystem-artifact-path-traversal
Feb 12, 2026
Merged

Validate artifact_id in FileSystemArtifactStore to prevent path traversal#6432
y0z merged 1 commit intooptuna:masterfrom
RinZ27:fix/filesystem-artifact-path-traversal

Conversation

@RinZ27
Copy link
Copy Markdown
Contributor

@RinZ27 RinZ27 commented Feb 11, 2026
edited
Loading

Motivation

Validation was missing for artifact_id in FileSystemArtifactStore, which meant joined paths could potentially point outside the intended base directory. While our higher-level APIs use UUIDs, adding a check here ensures the storage remains robust regardless of how it's called. I think it's better to enforce this at the storage level rather than relying on upstream callers.

Description of the changes

A new _get_filepath helper handles the path construction and boundary checks. If someone tries to pass an absolute path or something with .. as an ID, the code now throws a ValueError. All file operations in the class now use this helper, and I also added a test case in tests/artifacts_tests/test_filesystem.py to verify it works as expected.

@RinZ27 RinZ27 changed the title Hardening FileSystemArtifactStore against path traversal Ensure path safety in FileSystemArtifactStore by validating artifact IDs Feb 11, 2026
@RinZ27 RinZ27 changed the title Ensure path safety in FileSystemArtifactStore by validating artifact IDs Validate artifact_id in FileSystemArtifactStore to prevent path traversal Feb 11, 2026
@RinZ27 RinZ27 force-pushed the fix/filesystem-artifact-path-traversal branch from c58e153 to a3b87c4 Compare February 11, 2026 11:37
@not522 not522 assigned c-bata and y0z Feb 12, 2026
@not522
Copy link
Copy Markdown
Member

not522 commented Feb 12, 2026

@c-bata @y0z Could you review this PR?

c-bata
c-bata approved these changes Feb 12, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@c-bata c-bata left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good catch! LGTM.

@c-bata c-bata added the enhancement Change that does not break compatibility and not affect public interfaces, but improves performance. label Feb 12, 2026
@c-bata c-bata added this to the v4.8.0 milestone Feb 12, 2026
@c-bata c-bata removed their assignment Feb 12, 2026
y0z
y0z approved these changes Feb 12, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@y0z y0z left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@y0z y0z merged commit c88d58a into optuna:master Feb 12, 2026
13 checks passed
@y0z y0z removed their assignment Feb 12, 2026
@RinZ27 RinZ27 deleted the fix/filesystem-artifact-path-traversal branch February 12, 2026 05:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@c-bata c-bata c-bata approved these changes

@y0z y0z y0z approved these changes

Assignees

No one assigned

Labels

enhancement Change that does not break compatibility and not affect public interfaces, but improves performance.

Projects

None yet

Milestone

v4.8.0

Development

Successfully merging this pull request may close these issues.

4 participants

@RinZ27 @not522 @c-bata @y0z