Issue #4232 - Fix CWE-22 Path/Directory Traversal issues

[omordyk]

Description

CWE-22 (Path/Directory Traversal) is a type of vulnerability that occurs when an application allows users to manipulate file paths in a way that can access files or directories that are outside of the intended directory. This can lead to security issues such as unauthorized access to sensitive files, data leakage, or even arbitrary code execution in some cases.

Fixes #4232

Canonical Path Resolution: The filepath.Clean() method removes redundant or malicious path elements (e.g., .., .) that could be used for directory traversal.

Type of change

Please delete options that are not relevant.

• Bug fix (non-breaking change which fixes an issue)

How Has This Been Tested?

Ran Mend SAST

Checklist:

• My code follows the style guidelines of this project
• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• My changes generate no new warnings
• I have added tests that prove my fix is effective or that my feature works
• New and existing unit tests pass locally with my changes
• Any dependent changes have been merged and published in downstream modules
• I have checked my code and corrected any misspellings
• I have tagged the reviewers in a comment below incase my pull request is ready for a review
• I have signed the commit message to agree to Developer Certificate of Origin (DCO) (to certify that you wrote or otherwise have the right to submit your contribution to the project.) by adding "--signoff" to my git commit command.

[omordyk]

@LiilyZhang @Yummikko @kzosi pls review

[Yummikko]

lgtm