ring/tests
Fred Amaral 726ed9523d security: fix CVE-1 and CVE-2 in compliance-validator.sh
Fixed 2 CRITICAL security vulnerabilities in compliance-validator.sh:

**CVE-1: Arbitrary Command Execution**
- Vulnerability: bash -c executed patterns from YAML without validation
- Location: Lines 113-116, 120-124 (command_succeeds, command_output_contains)
- Fix:
  * Implemented command whitelist (git, npm, yarn, pytest, jest, make, cargo, go, python)
  * Added validate_command() to check against whitelist
  * Added safe_run_command() with 30-second timeout
  * All commands now validated before execution
  * Proper error messages for rejected commands

**CVE-2: Command Injection via Patterns**
- Vulnerability: Unquoted patterns in git_diff_order case statements
- Location: Lines 127-184
- Fix:
  * Added validate_pattern() to sanitize glob patterns
  * Reject patterns with dangerous chars (; & $ ` ( ) < > \)
  * Sanitize patterns using tr -d before use in case statements
  * Validate pipe-separated pattern format

**Security Enhancements:**
- Whitelisted commands: git, npm, yarn, pytest, jest, make, cargo, go, python, python3, node
- Command timeout: 30 seconds max (with macOS compatibility)
- Pattern validation: Block special characters that could enable injection
- Input sanitization: Remove dangerous chars from patterns before use

**Testing:**
- Created comprehensive security test suite (10 tests)
- All tests pass:
  * CVE-1 command injection prevention (4 tests)
  * CVE-2 pattern injection prevention (2 tests)
  * Timeout protection
  * Whitelisted command execution
  * Multiple injection attempts
  * Command chaining prevention

Test results: 10/10 passed

Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-03 13:57:36 -03:00
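The allowlist, timeout and pattern checks the commit message describes, as an added bash example written for this page rather than taken from compliance-validator.sh. The function names, the allowlist contents, the exit codes and the permitted pattern alphabet are assumptions; the point is that a validated command is executed by word-splitting into argv, never by handing the string back to `bash -c`, and that a pattern is checked before it is ever used as an unquoted glob in `case`.

```bash
#!/usr/bin/env bash
# Added example, not the project's compliance-validator.sh: an allowlist-based
# runner for check commands supplied by YAML, plus a validator for the
# pipe-separated glob patterns that select files. Names and layout are assumed.
set -u
set -f   # never let the word splitting below expand globs into filenames

# Binaries a YAML rule may invoke; only the first word of the command is checked.
ALLOWED_COMMANDS=(git npm yarn pytest jest make cargo go python python3 node)
COMMAND_TIMEOUT="${COMMAND_TIMEOUT:-30}"   # seconds

# Shell metacharacters a command string may never contain. Backslash and
# newline are checked separately so no regex quoting subtlety hides them.
readonly META_RE='[;&|$`()<>"'"'"']'

# validate_command "<command string>" -> 0 if the string is metacharacter-free
# and its first word is allowlisted, 1 otherwise.
validate_command() {
    local cmd="$1" first allowed
    if [[ "$cmd" =~ $META_RE || "$cmd" == *\\* || "$cmd" == *$'\n'* ]]; then
        return 1
    fi
    read -r first _ <<< "$cmd"
    [[ -n "$first" ]] || return 1
    for allowed in "${ALLOWED_COMMANDS[@]}"; do
        [[ "$first" == "$allowed" ]] && return 0
    done
    return 1
}

# safe_run_command "<command string>" -> runs it with argv built by plain word
# splitting, never via bash -c, under COMMAND_TIMEOUT. Exit status: the
# command's own, 124 on timeout (GNU timeout's convention), 126 if rejected.
safe_run_command() {
    local cmd="$1" timeout_bin=""
    if ! validate_command "$cmd"; then
        echo "compliance-validator: rejected command: $cmd" >&2
        return 126
    fi
    # shellcheck disable=SC2206  # intentional: split on whitespace only (set -f is on)
    local -a argv=($cmd)
    # Stock macOS has no GNU 'timeout'; Homebrew coreutils installs it as gtimeout.
    if command -v timeout >/dev/null 2>&1; then
        timeout_bin=timeout
    elif command -v gtimeout >/dev/null 2>&1; then
        timeout_bin=gtimeout
    fi
    if [[ -n "$timeout_bin" ]]; then
        "$timeout_bin" "$COMMAND_TIMEOUT" "${argv[@]}"
    else
        echo "compliance-validator: no timeout binary found, running unbounded" >&2
        "${argv[@]}"
    fi
}

# validate_pattern "<glob|glob|...>" -> 0 if every alternative is a non-empty
# glob built only from path characters and wildcards, 1 otherwise.
validate_pattern() {
    local pattern="$1"
    [[ "$pattern" =~ ^[A-Za-z0-9_./*?|-]+$ ]] || return 1
    # Empty alternatives ("src/*||tests/*", leading or trailing '|') are malformed.
    [[ "$pattern" != *'||'* && "$pattern" != '|'* && "$pattern" != *'|' ]] || return 1
    return 0
}

# path_matches "<path>" "<glob|glob|...>" -> 0 if any alternative matches the
# path, 1 if none does, 2 if the pattern fails validation.
path_matches() {
    local path="$1" pattern="$2" seg
    validate_pattern "$pattern" || return 2
    local IFS='|'
    for seg in $pattern; do          # splits on '|' only; set -f keeps it literal
        case "$path" in
            $seg) return 0 ;;        # unquoted on purpose: $seg is a glob here
        esac
    done
    return 1
}
```

Two caveats a reviewer would raise against any first-word allowlist: interpreters such as `python -c` and `node -e` accept inline code, so the list bounds which binary starts, not what it can do, and the YAML must be treated as trusted (or the arguments validated, or the check run in a sandbox) if that matters. And a timeout only kills the child; the caller should treat exit status 124 as "check timed out" rather than as an ordinary failure of the check.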
security-test-compliance-validator.sh security: fix CVE-1 and CVE-2 in compliance-validator.sh 2025-11-03 13:57:36 -03:00