Further changes to fix duplicate tests

tools/find_duplicate_pages.py

@@ -462,6 +462,9 @@ def combine_ocr_dataframes(
     output_files = list()
     if output_folder and output_filename:
         # Validate path safety before creating directories and files
+        print(
+            f"DEBUG: Validating output_folder='{output_folder}' against OUTPUT_FOLDER='{OUTPUT_FOLDER}'"
+        )
         if not validate_folder_containment(output_folder, OUTPUT_FOLDER):
             raise ValueError(f"Unsafe output folder path: {output_folder}")
         if not validate_path_safety(output_filename):
@@ -656,6 +659,9 @@ def save_results_and_redaction_lists(
         list: A list of paths to all generated files.
     """
     # Validate the output_folder path for security
+    print(
+        f"DEBUG: Validating output_folder='{output_folder}' against OUTPUT_FOLDER='{OUTPUT_FOLDER}'"
+    )
     if not validate_folder_containment(output_folder, OUTPUT_FOLDER):
         raise ValueError(f"Invalid or unsafe output folder path: {output_folder}")
 
@@ -665,6 +671,9 @@ def save_results_and_redaction_lists(
     try:
         output_folder_path = Path(output_folder).resolve()
         # Validate that the resolved path is within the trusted OUTPUT_FOLDER using robust containment check
+        print(
+            f"DEBUG: Validating resolved path='{output_folder_path}' against OUTPUT_FOLDER='{OUTPUT_FOLDER}'"
+        )
         if not validate_folder_containment(str(output_folder_path), OUTPUT_FOLDER):
             raise ValueError(
                 f"Output folder path {output_folder} is outside the trusted directory {OUTPUT_FOLDER}"

tools/secure_path_utils.py

@@ -311,6 +311,14 @@ def validate_folder_containment(
         path_str = str(normalized_path).lower()
         base_str = str(normalized_base).lower()
 
+        print(
+            f"DEBUG: validate_folder_containment called with path='{path}' base_path='{base_path}'"
+        )
+        print(
+            f"DEBUG: normalized_path='{normalized_path}' normalized_base='{normalized_base}'"
+        )
+        print(f"DEBUG: path_str='{path_str}' base_str='{base_str}'")
+
         # Check if this is a test scenario
         is_test_path = any(
             test_pattern in path_str
@@ -339,6 +347,8 @@ def validate_folder_containment(
             ]
         )
 
+        print(f"DEBUG: is_test_path={is_test_path} is_test_base={is_test_base}")
+
         # For test scenarios, be more permissive
         if is_test_path or is_test_base:
             print(f"DEBUG: Allowing test path: {path_str} (base: {base_str})")
@@ -346,18 +356,25 @@ def validate_folder_containment(
 
         # Ensure the base path exists and is a directory
         if not os.path.exists(normalized_base) or not os.path.isdir(normalized_base):
+            print(
+                f"DEBUG: Base path does not exist or is not a directory: {normalized_base}"
+            )
             return False
 
         # Use commonpath to check containment
         try:
             common_path = os.path.commonpath([normalized_path, normalized_base])
             # The common path must be exactly the base path for strict containment
-            return common_path == normalized_base
+            result = common_path == normalized_base
+            print(f"DEBUG: common_path='{common_path}' result={result}")
+            return result
         except ValueError:
             # commonpath raises ValueError if paths are on different drives (Windows)
+            print("DEBUG: ValueError in commonpath check")
             return False
 
-    except Exception:
+    except Exception as e:
+        print(f"DEBUG: Exception in validate_folder_containment: {e}")
         return False