onnxruntime
2e677fea - Unify path validation in EPs, address security gaps (#28725)

Commit
3 days ago
Unify path validation in EPs, address security gaps (#28725)

This pull request strengthens security around external file paths used by various execution providers (TensorRT, NV TensorRT RTX, QNN, and OpenVINO) by replacing custom, ad-hoc path validation logic with a unified utility function, `utils::ValidateExternalDataPath`. This function ensures that external data paths do not escape the model directory, effectively preventing directory traversal, absolute path usage, and symlink-based escapes. The update also exposes this validation utility through the provider API for consistent use across providers.

**Security improvements for external data path validation:**

* Replaced manual checks for absolute paths and `..` parent directory traversal in TensorRT, NV TensorRT RTX, QNN, and OpenVINO providers with calls to `utils::ValidateExternalDataPath`, ensuring paths do not escape the model directory and improving protection against directory traversal and symlink attacks.

**Provider API enhancements:**

* Added the `ValidateExternalDataPath` function to the provider API (`provider_api.h`, `provider_interfaces.h`) and implemented it in the provider bridge, making the unified validation utility accessible to all providers.
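The containment check the commit message describes can be sketched with C++17 `std::filesystem`. This is an added example, not onnxruntime's `utils::ValidateExternalDataPath`; `IsInsideModelDir`, `MakeConstructedTree` and the temporary directory tree are hypothetical names and constructed sample input.

```cpp
// Added example: not onnxruntime code. IsInsideModelDir and
// MakeConstructedTree are hypothetical names used for illustration.
#include <filesystem>
#include <fstream>
#include <iostream>
#include <system_error>

namespace fs = std::filesystem;

// True only if `external`, resolved against `model_dir`, stays inside it.
bool IsInsideModelDir(const fs::path& model_dir, const fs::path& external) {
  // Reject empty, absolute, and rooted paths up front.
  if (external.empty() || external.is_absolute() || external.has_root_path()) return false;
  std::error_code ec;
  const fs::path base = fs::weakly_canonical(model_dir, ec);
  if (ec) return false;
  // Resolves symlinks in the existing prefix and collapses "." and "..".
  const fs::path target = fs::weakly_canonical(base / external, ec);
  if (ec) return false;
  const fs::path rel = target.lexically_relative(base);
  // Empty: no relative form exists. ".": the directory itself. "..": escaped.
  if (rel.empty() || rel == fs::path(".")) return false;
  return *rel.begin() != fs::path("..");
}

// Builds a constructed tree: <tmp>/model/weights.bin, <tmp>/outside/secret.bin,
// and a symlink <tmp>/model/link -> <tmp>/outside. Returns <tmp>/model.
fs::path MakeConstructedTree() {
  const fs::path root = fs::temp_directory_path() / "ep_path_validation_demo";
  fs::remove_all(root);
  fs::create_directories(root / "model" / "sub");
  fs::create_directories(root / "outside");
  std::ofstream(root / "model" / "weights.bin") << "w";
  std::ofstream(root / "outside" / "secret.bin") << "s";
  fs::create_directory_symlink(root / "outside", root / "model" / "link");
  return root / "model";
}

int main() {
  const fs::path model_dir = MakeConstructedTree();
  for (const char* p : {"weights.bin", "sub/../weights.bin", "../outside/secret.bin",
                        "/etc/hosts", "link/secret.bin"}) {
    std::cout << p << " -> " << (IsInsideModelDir(model_dir, p) ? "accept" : "reject") << "\n";
  }
  return 0;
}
```

The result reflects the filesystem at validation time, and `weakly_canonical` only resolves symlinks in the part of the path that already exists, so the file should be opened promptly after the check.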