fix(gallery): confine gallery image path resolution (#4352)

routes/gallery_routes.py

@@ -67,14 +67,6 @@ def _gallery_image_path(filename: str) -> Path:
         raise HTTPException(400, "Unsafe gallery filename")
     if safe_name != original:
         raise HTTPException(400, "Unsafe gallery filename")
-    if not path.exists():
-        cwd_root = (Path.cwd() / "data" / "generated_images").resolve()
-        cwd_path = (cwd_root / safe_name).resolve()
-        try:
-            if os.path.commonpath([str(cwd_root), str(cwd_path)]) == str(cwd_root) and cwd_path.exists():
-                return cwd_path
-        except Exception:
-            pass
     return path
 
 

tests/test_gallery_filename_confinement.py

@@ -28,6 +28,22 @@ def test_gallery_image_path_allows_safe_filename(tmp_path, monkeypatch):
     assert path == image_dir / "abc123.png"
 
 
+def test_gallery_image_path_does_not_fallback_to_cwd_data_dir(tmp_path, monkeypatch):
+    gallery_routes = _gallery_module()
+    configured_dir = tmp_path / "configured" / "generated_images"
+    cwd_root = tmp_path / "cwd"
+    cwd_image_dir = cwd_root / "data" / "generated_images"
+    cwd_image_dir.mkdir(parents=True)
+    (cwd_image_dir / "abc123.png").write_bytes(b"wrong root")
+    monkeypatch.setattr(gallery_routes, "GALLERY_IMAGE_DIR", configured_dir)
+    monkeypatch.chdir(cwd_root)
+
+    path = gallery_routes._gallery_image_path("abc123.png")
+
+    assert path == configured_dir / "abc123.png"
+    assert path != cwd_image_dir / "abc123.png"
+
+
 @pytest.mark.parametrize("filename", ["../../secret.png", "..\\secret.png", None, 12345])
 def test_gallery_image_path_rejects_unsafe_stored_filenames(tmp_path, monkeypatch, filename):
     gallery_routes = _gallery_module()