From 855c89e8fbfa91cb09181673df8eca85658a082a Mon Sep 17 00:00:00 2001
From: iven <iven_h@qq.com>
Date: Fri, 24 Apr 2026 16:02:09 +0800
Subject: [PATCH] =?UTF-8?q?fix(tool):=20=E7=9B=B8=E5=AF=B9=E8=B7=AF?=
 =?UTF-8?q?=E5=BE=84=E6=96=87=E4=BB=B6=E5=86=99=E5=85=A5=E5=A4=B1=E8=B4=A5?=
 =?UTF-8?q?=20=E2=80=94=20PathValidator=20=E5=85=88=E5=9F=BA=E4=BA=8E=20wo?=
 =?UTF-8?q?rkspace=20=E8=A7=A3=E6=9E=90?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

当 file_write 收到相对路径如 test_tool.txt 时，PathValidator 的
resolve_and_validate 尝试对空父目录 canonicalize 导致失败。

修复：相对路径先基于 workspace_root 解析为绝对路径，再进行安全校验。
---
 crates/zclaw-runtime/src/tool/builtin/path_validator.rs | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/crates/zclaw-runtime/src/tool/builtin/path_validator.rs b/crates/zclaw-runtime/src/tool/builtin/path_validator.rs
index 35f809f..80e93fe 100644
--- a/crates/zclaw-runtime/src/tool/builtin/path_validator.rs
+++ b/crates/zclaw-runtime/src/tool/builtin/path_validator.rs
@@ -230,7 +230,14 @@ impl PathValidator {
     fn resolve_and_validate(&self, path: &str) -> Result<PathBuf> {
         // Expand tilde
         let expanded = expand_tilde(path);
-        let path_buf = PathBuf::from(&expanded);
+        let mut path_buf = PathBuf::from(&expanded);
+
+        // If relative path and workspace is configured, resolve against workspace
+        if path_buf.is_relative() {
+            if let Some(ref workspace) = self.workspace_root {
+                path_buf = workspace.join(&path_buf);
+            }
+        }
 
         // Check for path traversal
         self.check_path_traversal(&path_buf)?;