From 06c126ab6b8e77b69bb8a057d20f70f0c4ae0e33 Mon Sep 17 00:00:00 2001
From: YeonGyu-Kim
Date: Mon, 25 May 2026 12:41:32 +0900
Subject: [PATCH] fix(claw-analog): reject backslash paths in validate_rel_path (dotdot bypass on Linux)
---
 rust/crates/claw-analog/src/lib.rs | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/rust/crates/claw-analog/src/lib.rs b/rust/crates/claw-analog/src/lib.rs
index e4ed517b..7d11a834 100644
--- a/rust/crates/claw-analog/src/lib.rs
+++ b/rust/crates/claw-analog/src/lib.rs
@@ -1589,6 +1589,12 @@ fn output_to_input_blocks(blocks: &[OutputContentBlock]) -> Vec Result<(), String> {
+ // Reject Windows-style backslash paths that may contain dotdot traversal
+ // (on Unix, Path::components does not split on backslash, so "..\\x" parses
+ // as a single Normal component and evades the ParentDir check).
+ if rel.contains('\\') {
+ return Err("path must not contain backslashes".into());
+ }
 let p = Path::new(rel);
 for c in p.components() {
 match c {
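Review bot: No regression test accompanies the fix: the diffstat touches only lib.rs, so the `..\x` case the new comment describes is not pinned down and the backslash guard could be lost in a later refactor unnoticed. A unit test next to the existing ones for validate_rel_path would do, e.g. `assert!(validate_rel_path("..\\x").is_err());` and `assert!(validate_rel_path("a\\..\\b").is_err());`, plus one positive case such as `assert!(validate_rel_path("a/b").is_ok());`. Since the guard runs before `Path::new(rel)`, it also refuses backslash-separated relative paths on Windows, where `Path::components` would have split them correctly; that is a reasonable uniform-behaviour choice, but the function's doc comment should state that backslashes are rejected on every platform rather than leaving it to the inline comment. The enclosing function's signature appears only in the garbled hunk header and its body continues past the hunk, so the remaining component checks could not be reviewed here.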