
Conversation

@Srustisundar

  1. Added strict validation for test names to ensure only simple filenames are accepted.
  2. Validated command arguments once and reused the sanitized result to avoid accidental reintroduction of untrusted input.
  3. Resolved executable paths to their canonical (real) filesystem paths before execution.
  4. Verified that the canonical path still resides within the allowed examiner directories, preventing symlink-based escapes.
  5. Added a defense-in-depth validation before process execution to make intent clear and auditable.

Why this was done
Static analysis flagged the previous implementation due to potential ambiguity around child process execution paths.
Although practical exploitation was already constrained, this hardening removes any remaining doubt by making all trust boundaries explicit; it also increases the Veracode security score.
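As an added illustration of the five steps above (this is not the PR's code; the project's real module, directory layout and file names are not on this page and are assumed here), a Python sketch with a constructed fixture: a simple name passes, a traversal name is rejected, and a symlink escape is caught by the canonical-path check.

```python
import os
import re
import subprocess
import tempfile

# Hypothetical helper; names and the allowed-directory list are assumptions.
_SIMPLE_NAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]{0,63}")


def validate_test_name(name):
    """Step 1: accept only a simple filename (no separators, no '..', no leading dot)."""
    if not isinstance(name, str) or not _SIMPLE_NAME.fullmatch(name):
        raise ValueError(f"rejected test name: {name!r}")
    return name


def validate_args(args):
    """Step 2: sanitize once; callers pass the returned tuple, never the raw input."""
    if any(not isinstance(a, str) or "\0" in a for a in args):
        raise ValueError("rejected argument list")
    return tuple(args)


def resolve_examiner(name, allowed_dirs):
    """Steps 3-4: canonicalise and require the real path to stay under an allowed dir."""
    name = validate_test_name(name)
    for root in (os.path.realpath(d) for d in allowed_dirs):
        candidate = os.path.join(root, name)
        if not os.path.lexists(candidate):
            continue
        real = os.path.realpath(candidate)
        # commonpath, not startswith: /allowed-other must not pass as /allowed
        if os.path.commonpath([root, real]) != root:
            raise PermissionError(f"{candidate} resolves outside {root}")
        if not (os.path.isfile(real) and os.access(real, os.X_OK)):
            raise PermissionError(f"{real} is not an executable file")
        return real
    raise FileNotFoundError(name)


def run_examiner(name, args, allowed_dirs):
    """Step 5: re-check right before exec, argv list form, no shell."""
    exe = resolve_examiner(name, allowed_dirs)
    roots = [os.path.realpath(d) for d in allowed_dirs]
    if not any(os.path.commonpath([r, exe]) == r for r in roots):
        raise RuntimeError("executable left the allowed directories")
    return subprocess.run((exe,) + validate_args(args), capture_output=True, text=True, timeout=30)


def demo():
    """Constructed fixture: one allowed dir, a real script, and a symlink pointing outside."""
    allowed, outside = tempfile.mkdtemp(), tempfile.mkdtemp()
    script = os.path.join(allowed, "check-env.sh")
    with open(script, "w") as f:
        f.write("#!/bin/sh\necho ok $1\n")
    os.chmod(script, 0o755)
    os.symlink(os.path.join(outside, "escape.sh"), os.path.join(allowed, "escape.sh"))
    results = {"run": run_examiner("check-env.sh", ["alpha"], [allowed]).stdout.strip()}
    for name in ("../etc/passwd", "escape.sh", "missing.sh"):
        try:
            resolve_examiner(name, [allowed])
            results[name] = "accepted"
        except (ValueError, PermissionError, FileNotFoundError) as e:
            results[name] = type(e).__name__
    return results
```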

Collaborator

@jorgemoralespou jorgemoralespou left a comment


Hey @Srustisundar, all looks fine except for the reformatting of existing code and the change in formatting style. But we can fix that in a later PR, since we need to add a global formatter.

@jorgemoralespou
Collaborator

@GrahamDumpleton Are you ok with this PR?
