Fix path traversal vulnerability in artifact tool zip extraction

[ayushhgarg-work]

Changes

Adds path traversal (ZipSlip) validation to _artifact_utils.py::_redirect_artifacts_tool_path() before extracting the artifact tool zip archive. Each zip member's resolved path is checked to ensure it stays within the intended extraction directory, preventing malicious archives from writing files outside the temp directory.

This aligns with the existing safe extraction pattern in _local_job_invoker.py::unzip_to_temporary_file().

Motivation

Addresses CWE-22 (Improper Limitation of a Pathname to a Restricted Directory). Without this check, a crafted zip archive with ../ entries could write files outside the extraction boundary when extractall() is called.

Verified that:

• Normal zip archives with nested directories extract successfully
• Archives with ../../ path traversal entries are rejected
• Archives with nested traversal (subdir/../../escaped.txt) are rejected
• Archives with absolute path entries are rejected

[Copilot]

Pull request overview

This PR mitigates a ZipSlip/path traversal risk when downloading and extracting the Azure DevOps ArtifactTool zip in ArtifactCache._redirect_artifacts_tool_path() by validating each archive member resolves within the intended temporary extraction directory before calling extractall().

Changes:

• Converts the temporary extraction directory to a Path and pre-resolves the destination directory.
• Adds per-zip-member path traversal validation prior to extraction, rejecting malicious entries (e.g., ../, absolute paths).
• Sets the override environment variable and cached tool path using the resolved destination path.