Description
Summary
The vault secret escaping in model_resolver.ts (lines 775-780) covers double quotes, backslashes, and whitespace characters, but does not escape single quotes (') or backticks (`). The vault.get regex at line 758 accepts all three quote styles as argument delimiters. The double-quote wrapping at line 783 currently mitigates the single-quote and backtick cases for CEL evaluation, but escaping only one of the three accepted delimiters is an incomplete defense in depth.
Affected Code
model_resolver.ts lines 775-780:

```ts
const escapedValue = secretValue
  .replace(/\\/g, "\\\\")
  .replace(/"/g, '\\"')
  .replace(/\n/g, "\\n")
  .replace(/\r/g, "\\r")
  .replace(/\t/g, "\\t");
// Missing: no .replace for ' or `
```

Line 758 — regex accepts ', ", and ` as quote delimiters:

```ts
/vault\.get\(\s*(['"`]?)([^'"`\s,]+)\1\s*,\s*(['"`]?)([^'"`\s,]+)\3\s*\)/g
```

Steps to Reproduce
A secret value like p@ss'w0rd or value`with`backticks passes through the escape chain unchanged. This is currently mitigated by the "${escapedValue}" wrapping, but any future change to the quoting strategy (for example emitting the value inside single quotes or backticks) would expose this gap.
Expected Behavior
All quote characters accepted by the vault.get regex should be escaped in secret values for defense-in-depth.
Fix Approach
Add .replace(/'/g, "\\'") and .replace(/`/g, "\\`") to the escape chain, after the existing backslash replacement so the added backslashes are not doubled.
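To make the gap concrete, here is an added example (not code from model_resolver.ts) that places the escape chain quoted in the issue beside a version extended with the two proposed replacements, and checks which of the three delimiters accepted by the vault.get regex survive unescaped. The function names escapeSecretCurrent, escapeSecretHardened and unescapedDelimiters are assumed for illustration; the regex is the one quoted from line 758.

```typescript
// Added example, not project code. Compares the escape chain quoted in the
// issue with one that also escapes ' and `, then audits the result for
// delimiters the vault.get regex accepts.

// Escape chain as quoted from model_resolver.ts lines 775-780.
function escapeSecretCurrent(secretValue: string): string {
  return secretValue
    .replace(/\\/g, "\\\\")
    .replace(/"/g, '\\"')
    .replace(/\n/g, "\\n")
    .replace(/\r/g, "\\r")
    .replace(/\t/g, "\\t");
}

// Same chain plus the two replacements from "Fix Approach". They run after the
// backslash replacement, so the backslashes they add are not doubled again.
function escapeSecretHardened(secretValue: string): string {
  return escapeSecretCurrent(secretValue)
    .replace(/'/g, "\\'")
    .replace(/`/g, "\\`");
}

// Regex quoted from line 758: the argument delimiter may be ', " or `.
const VAULT_GET_RE =
  /vault\.get\(\s*(['"`]?)([^'"`\s,]+)\1\s*,\s*(['"`]?)([^'"`\s,]+)\3\s*\)/g;

// Set of delimiters VAULT_GET_RE accepts, derived from the regex source so the
// audit below stays in sync with it.
const ACCEPTED_DELIMITERS: ReadonlySet<string> = new Set(
  (VAULT_GET_RE.source.match(/\(\[(['"`]+)\]\?\)/) ?? ["", "'\"`"])[1].split("")
);

// Walks an already-escaped string, tracking backslash escape state, and
// returns the accepted delimiters that appear without a preceding backslash.
// An empty result means every accepted delimiter is covered.
function unescapedDelimiters(escaped: string): string[] {
  const found = new Set<string>();
  let escaping = false;
  for (const ch of escaped) {
    if (escaping) {
      escaping = false; // this char is consumed by the preceding backslash
      continue;
    }
    if (ch === "\\") {
      escaping = true;
      continue;
    }
    if (ACCEPTED_DELIMITERS.has(ch)) found.add(ch);
  }
  return [...found].sort();
}

// Constructed sample values taken from the "Steps to Reproduce" section.
const SAMPLES = ["p@ss'w0rd", "value`with`backticks", 'a"b\\c\n'];

for (const s of SAMPLES) {
  console.log(
    JSON.stringify(s),
    "current ->",
    JSON.stringify(unescapedDelimiters(escapeSecretCurrent(s))),
    "hardened ->",
    JSON.stringify(unescapedDelimiters(escapeSecretHardened(s)))
  );
}
```

Run under ts-node (or compile with tsc) and the two sample values from the issue report `'` and `` ` `` as unescaped under the current chain and nothing under the hardened one, while the value containing a double quote, a backslash and a newline is fully covered by both. Deriving ACCEPTED_DELIMITERS from the regex source means that if the delimiter class at line 758 ever changes, the audit flags any new delimiter the escape chain does not yet cover.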