From fd1b9b13c2ba2492a0065f475e2c63cd3f1f8995 Mon Sep 17 00:00:00 2001
From: Steven Masley
Date: Fri, 27 Jun 2025 12:08:34 -0500
Subject: [PATCH] feat: prevent path expansion using host context

Any references to `~` should return an error
---
 init.go | 40 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 40 insertions(+)
 create mode 100644 init.go

diff --git a/init.go b/init.go
new file mode 100644
index 0000000..57a308f
--- /dev/null
+++ b/init.go
@@ -0,0 +1,40 @@
+package preview
+
+import (
+	"github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/funcs"
+	"github.com/zclconf/go-cty/cty"
+	"github.com/zclconf/go-cty/cty/function"
+	"golang.org/x/xerrors"
+)
+
+// init intends to override some of the default functions afforded by terraform.
+// Specifically, any functions that require the context of the host.
+//
+// This is really unfortunate, but all the functions are globals, and this
+// is the only way to override them.
+func init() {
+	// PathExpandFunc looks for references to a home directory on the host. The
+	// preview rendering should not have access to the host's home directory path,
+	// and will return an error if it is used.
+	funcs.PathExpandFunc = function.New(&function.Spec{
+		Params: []function.Parameter{
+			{
+				Name: "path",
+				Type: cty.String,
+			},
+		},
+		Type: function.StaticReturnType(cty.String),
+		Impl: func(args []cty.Value, retType cty.Type) (cty.Value, error) {
+			path := args[0].AsString()
+			if len(path) == 0 {
+				return cty.StringVal(path), nil
+			}
+
+			if path[0] != '~' {
+				return cty.StringVal(path), nil
+			}
+
+			return cty.NilVal, xerrors.Errorf("not allowed to expand paths starting with '~' in this context")
+		},
+	})
+}
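Review bot: The mitigation is installed by reassigning the package global `funcs.PathExpandFunc` from an `init()`, so whether it ever reaches the evaluator depends on whether trivy's parser looks that variable up at evaluation time or captured the original value into its own function table during its package initialization; nothing in this patch proves it takes effect, so a test that evaluates `pathexpand("~/x")` through the preview entry point and asserts the "not allowed to expand" error would keep this from silently becoming a no-op on a trivy upgrade. The header comment says it overrides "any functions that require the context of the host", but only `pathexpand` is replaced; if `file()`, `fileexists()`, `fileset()`, `templatefile()` or `abspath()` are reachable from the same evaluation they also read host filesystem state and need the same treatment, otherwise the comment should narrow its claim to `pathexpand`. Rejecting only a leading `~` is consistent with what the stock implementation expands, so the check itself is sound; as a point of style, the two guards collapse to `if !strings.HasPrefix(path, "~") { return cty.StringVal(path), nil }` (adding `strings` to the imports), and since the error message carries no format verbs, `errors.New` suffices in place of `xerrors.Errorf`.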