Security: Unsafe File Write with User-Controlled Path

[tomaioo]

Summary

Security: Unsafe File Write with User-Controlled Path

Problem

Severity: High | File: packages/react-docgen-cli/src/commands/parse/output/outputResult.ts:L8

The outputResult function writes to a file path specified by the output option without any validation. If an attacker can control the output parameter (e.g., via CLI --output flag), they could write files to arbitrary locations on the filesystem, potentially overwriting critical files or achieving remote code execution by overwriting executable files.

Solution

Validate and sanitize the output path to ensure it resolves within an expected output directory. Use path.resolve() and check that the resolved path starts with the allowed base directory. Consider using fs.realpath() to resolve symlinks before validation.

Changes

• packages/react-docgen-cli/src/commands/parse/output/outputResult.ts (modified)

[changeset-bot]

⚠️ No Changeset found

Latest commit: d6029f5

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[netlify]

✅ Deploy Preview for react-docgen canceled.

Name	Link
🔨 Latest commit	d6029f5
🔍 Latest deploy log	https://app.netlify.com/projects/react-docgen/deploys/6a1394cbc61ac2000750a70c