fix(security): cap Retry-After sleep, sanitize upload mimeType, and validate --upload/--output paths

[jpoehnelt]

Summary

Consolidates security hardening from PRs #448 and #447 into a single, well-tested PR. PR #484 (Unicode validation) is already merged.

Changes

1. Cap Retry-After header at 60s (client.rs)

• Prevents hostile/misconfigured servers from hanging the CLI indefinitely
• Extracts testable compute_retry_delay() with saturating_pow (fixes potential overflow from 1 << attempt)
• 6 unit tests for cap, passthrough, fallback, unparseable, and boundary

2. Sanitize mimeType in multipart uploads (executor.rs)

• Strips control characters (CR/LF/tab) from metadata mimeType to prevent MIME header injection
• Falls back to application/octet-stream if sanitized value is empty
• 2 unit tests for CRLF injection and all-control-char fallback

3. Validate --upload/--output paths (validate.rs, main.rs)

• New validate_safe_file_path() rejects traversal, control chars, and symlink escapes
• Called in main.rs before any I/O occurs
• 4 unit tests for relative OK, traversal rejected, control chars rejected, symlink escape

Supersedes

• fix(security): cap Retry-After sleep and sanitize mimeType in uploads #448 (Retry-After cap + mimeType)
• fix(security): validate --upload and --output paths against traversal #447 (--upload/--output path validation)

Test Results

All 660 tests pass. Clippy clean.

[changeset-bot]

🦋 Changeset detected

Latest commit: eca0442

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 1 package

Name	Type
@googleworkspace/cli	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request consolidates several security hardening measures to improve the robustness and safety of the CLI. It addresses potential vulnerabilities related to server-controlled retry delays, malicious MIME type injection in uploads, and unsafe file path handling for user-provided --upload and --output arguments. These changes enhance the application's resilience against various forms of attack and misconfiguration.

Highlights

• Retry-After Header Capping: The Retry-After header sleep duration is now capped at 60 seconds to prevent hostile or misconfigured servers from causing indefinite delays. The retry delay calculation logic has been extracted into a dedicated function compute_retry_delay with robust unit tests.
• MIME Type Sanitization: Multipart upload mimeType values are now sanitized by stripping control characters (CR/LF/tab) to prevent MIME header injection. If the sanitized value is empty, it falls back to application/octet-stream. New unit tests validate this behavior.
• Path Validation for Upload/Output: New validation has been introduced for --upload and --output paths using validate_safe_file_path. This function rejects path traversal attempts, control characters, and symlink escapes, ensuring that file operations remain within expected boundaries. Validation occurs early in the process, before any I/O.

Changelog

• .changeset/security-hardening-rollup.md
  • Added a new changeset entry for the security hardening rollup.
• src/client.rs
  • Introduced MAX_RETRY_DELAY_SECS constant to cap retry delays.
  • Refactored retry delay calculation into a new compute_retry_delay function.
  • Implemented logic to cap Retry-After header values at MAX_RETRY_DELAY_SECS.
  • Added unit tests for compute_retry_delay covering capping, passthrough, fallback, unparseable values, and boundary conditions.
• src/executor.rs
  • Modified resolve_upload_mime to filter out control characters from mimeType values.
  • Added a fallback to application/octet-stream if the sanitized mimeType is empty.
  • Included unit tests for MIME type sanitization, specifically for CRLF injection and all-control-character fallback.
• src/main.rs
  • Added calls to crate::validate::validate_safe_file_path for --upload and --output arguments.
  • Ensured path validation occurs before any I/O operations.
• src/validate.rs
  • Created a new public function validate_safe_file_path to check for path traversal, control characters, and symlink escapes.
  • Implemented logic to resolve paths relative to the current working directory and canonicalize them.
  • Added unit tests for validate_safe_file_path covering valid relative paths, traversal rejection, control character rejection, and symlink escape rejection.

Activity

• The pull request author, jpoehnelt, created this PR to consolidate security hardening from previous PRs fix(security): cap Retry-After sleep and sanitize mimeType in uploads #448 and fix(security): validate --upload and --output paths against traversal #447.
• The author noted that PR fix(validate): reject dangerous Unicode characters in input validation #484 (Unicode validation) has already been merged.
• The author confirmed that all 660 tests pass and Clippy is clean.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Generative AI Prohibited Use Policy, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[googleworkspace-bot]

/gemini review

[gemini-code-assist]

Code Review

This pull request introduces several important security hardening measures: capping Retry-After sleep times, sanitizing upload MIME types, and validating file paths to prevent directory traversal. The changes are well-tested and significantly improve the tool's robustness. I've identified a critical issue in the MIME type sanitization logic where a refactoring bug could bypass the security fix. I've also noted a potential high-severity TOCTOU race condition in the new path validation logic. My review includes a suggested fix for the critical bug.

[gemini-code-assist]

Code Review

This pull request introduces several important security hardening measures. It caps the Retry-After duration to prevent denial-of-service, sanitizes MIME types in uploads to prevent header injection, and adds validation for file paths to prevent path traversal. These are all excellent improvements.

My review found one critical security issue related to the new path validation. While the validation logic itself is sound, it's vulnerable to a Time-of-check to time-of-use (TOCTOU) attack because the validated, canonical path is not used for subsequent I/O operations. Please see my detailed comment in src/main.rs.

[googleworkspace-bot]

/gemini review

[codecov]

Codecov Report

❌ Patch coverage is 86.48649% with 20 lines in your changes missing coverage. Please review.
✅ Project coverage is 68.11%. Comparing base (1572570) to head (eca0442).
⚠️ Report is 2 commits behind head on main.

Files with missing lines	Patch %	Lines
src/validate.rs	88.60%	9 Missing ⚠️
src/main.rs	0.00%	8 Missing ⚠️
src/client.rs	89.28%	3 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #523      +/-   ##
==========================================
+ Coverage   67.94%   68.11%   +0.17%     
==========================================
  Files          40       40              
  Lines       17721    17848     +127     
==========================================
+ Hits        12040    12158     +118     
- Misses       5681     5690       +9     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[gemini-code-assist]

Code Review

This pull request introduces several important security hardening measures: capping the Retry-After delay, sanitizing upload MIME types to prevent header injection, and validating file paths to prevent directory traversal. The changes for retry capping and MIME type sanitization are well-implemented and include good test coverage.

However, I've identified a critical path traversal vulnerability in the new validate_safe_file_path function. The current implementation can be bypassed with specially crafted paths containing non-existent directories and .. components, allowing file access outside the current working directory. My review includes a detailed comment with a suggested fix for this vulnerability.

[googleworkspace-bot]

/gemini review

[gemini-code-assist]

Code Review

This pull request introduces several important security hardening measures. It caps the Retry-After delay to prevent indefinite hangs, sanitizes MIME types in uploads to prevent header injection, and adds robust path validation to guard against directory traversal. The changes are well-structured and include good unit tests.