fix(security): block shell-wrapper line-continuation allowlist bypass

This commit is contained in:
Peter Steinberger
2026-02-22 22:36:29 +01:00
parent 7c109f5737
commit 3f0b9dbb36
6 changed files with 132 additions and 37 deletions


@@ -343,6 +343,14 @@ describe("exec approvals shell parsing", () => {
command: "/usr/bin/echo first line\n/usr/bin/echo second line",
reason: "unsupported shell token: \n",
},
{
command: 'echo "ok $\\\n(id -u)"',
reason: "unsupported shell token: newline",
},
{
command: 'echo "ok $\\\r\n(id -u)"',
reason: "unsupported shell token: newline",
},
{
command: "ping 127.0.0.1 -n 1 & whoami",
reason: "unsupported windows shell token: &",
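Review bot: The two new continuation cases pin the rejection reason as `unsupported shell token: newline`, while the existing multi-line case just above them still expects `unsupported shell token: \n`, so the same rejected character is reported two different ways depending on which path caught it. If the parser now emits the symbolic name for all newline tokens, the older expectation should move to the same wording; if it does not, the two messages are worth unifying so log triage and any dashboards keyed on the reason string see one value. Both new cases also only exercise a continuation inside a double-quoted word; a third fixture with the same `\\\n` split outside quotes (e.g. between the command and its argument) would confirm the unquoted tokenizer path rejects it too rather than just the in-word path. The enclosing `describe` block starts and ends outside the hunk.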
@@ -548,6 +556,17 @@ describe("exec approvals shell allowlist (chained commands)", () => {
expect(result.allowlistSatisfied).toBe(true);
}
});
it("fails allowlist analysis for shell line continuations", () => {
const result = evaluateShellAllowlist({
command: 'echo "ok $\\\n(id -u)"',
allowlist: [{ pattern: "/usr/bin/echo" }],
safeBins: new Set(),
cwd: "/tmp",
});
expect(result.analysisOk).toBe(false);
expect(result.allowlistSatisfied).toBe(false);
});
});
describe("exec approvals safe bins", () => {