🤖 fix: block shell injection via malicious branch names#2691
🤖 fix: block shell injection via malicious branch names#2691ibetitsmike wants to merge 2 commits intomainfrom
Conversation
|
@codex review |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: c5a09060c9
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
|
@codex review Addressed the Windows compatibility concern: restored |
|
Codex Review: Didn't find any major issues. 🎉 ℹ️ About Codex in GitHubCodex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
If Codex has suggestions, it will comment; otherwise it will react with 👍. When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback". |
Summary
Fix shell command injection vulnerability where malicious branch names (e.g.
$(id>/tmp/pwned)) could execute arbitrary commands when interpolated into shell command strings using double quotes.Background
4 call sites bypassed the existing
shellQuote()utility by using"${path}"(double quotes) in shell command strings. Bash expands$(...)inside double quotes, so any user-controlled string (branch name → workspace path → shell arg) could execute arbitrary commands with the user's full privileges.Implementation
WorktreeManager.ts— Replaced shell-basedexecAsync("rm -rf ...")withexecFileAsync("rm", ["-rf", path])which usesspawn()with array args (no shell at all). Removed deadexecAsync/getBashPathimports.streamManager.ts— Replaced"${path}"withshellQuote(path)(single-quote wrapping, safe against expansion).helpers.ts— SameshellQuote()fix for both plan migration and plan rename paths (5 interpolated values total).Validation
WorktreeManager.test.ts: creates a workspace with$(touch ...)in the branch name, force-deletes it, asserts the injected command was NOT executed.make typecheck✅make lint✅WorktreeManager.test.ts,shell.test.ts)Generated with
mux• Model:anthropic:claude-opus-4-6• Thinking:xhigh• Cost:$3.03