From cf1d5adb83615938a390b2cd26a8f129bbbe8f3d Mon Sep 17 00:00:00 2001
From: Shaun Arman <shaun.arman@motorolasolutions.com>
Date: Sun, 31 May 2026 13:57:38 -0500
Subject: [PATCH] docs(analysis): document zip-slip safety guarantee in
 extract_docx_text

Only a single hardcoded entry (word/document.xml) is ever accessed from
the ZIP archive; no arbitrary path extraction occurs, so path traversal
attacks cannot apply. Add a comment to make this invariant explicit for
future maintainers.
---
 src-tauri/src/commands/analysis.rs | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src-tauri/src/commands/analysis.rs b/src-tauri/src/commands/analysis.rs
index 135fb12f..6a689827 100644
--- a/src-tauri/src/commands/analysis.rs
+++ b/src-tauri/src/commands/analysis.rs
@@ -108,6 +108,8 @@ fn extract_docx_text(path: &Path) -> Result<String, String> {
         zip::ZipArchive::new(file).map_err(|e| format!("Failed to open as ZIP/DOCX: {e}"))?;
     let mut xml_content = String::new();
     {
+        // Safety: only one hardcoded entry is ever accessed; no arbitrary path extraction is
+        // performed, so zip-slip path traversal attacks cannot apply here.
         let mut doc_xml = archive
             .by_name("word/document.xml")
             .map_err(|_| "Not a valid DOCX: missing word/document.xml".to_string())?;