github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-08 11:01:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(security): block shell-wrapper line-continuation allowlist bypass

Browse Source
This commit is contained in:
Peter Steinberger
2026-02-22 22:36:29 +01:00
parent 7c109f5737
commit 3f0b9dbb36
6 changed files with 132 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
src/infra/exec-approvals-analysis.ts
View File

@@ -317,7 +317,7 @@ export type ShellChainPart = {
};
const DISALLOWED_PIPELINE_TOKENS = new Set([">", "<", "`", "\n", "\r", "(", ")"]);
const DOUBLE_QUOTE_ESCAPES = new Set(["\\", '"', "$", "`", "\n", "\r"]);
const DOUBLE_QUOTE_ESCAPES = new Set(["\\", '"', "$", "`"]);
const WINDOWS_UNSUPPORTED_TOKENS = new Set([
"&",
"|",
@@ -336,6 +336,10 @@ function isDoubleQuoteEscape(next: string | undefined): next is string {
return Boolean(next && DOUBLE_QUOTE_ESCAPES.has(next));
}
function isEscapedLineContinuation(next: string | undefined): next is string {
return next === "\n" || next === "\r";
}
function splitShellPipeline(command: string): { ok: boolean; reason?: string; segments: string[] } {
type HeredocSpec = {
delimiter: string;
@@ -485,6 +489,9 @@ function splitShellPipeline(command: string): { ok: boolean; reason?: string; se
continue;
}
if (inDouble) {
if (ch === "\\" && isEscapedLineContinuation(next)) {
return { ok: false, reason: "unsupported shell token: newline", segments: [] };
}
if (ch === "\\" && isDoubleQuoteEscape(next)) {
buf += ch;
buf += next;
@@ -749,6 +756,10 @@ export function splitCommandChainWithOperators(command: string): ShellChainPart[
continue;
}
if (inDouble) {
if (ch === "\\" && isEscapedLineContinuation(next)) {
invalidChain = true;
break;
}
if (ch === "\\" && isDoubleQuoteEscape(next)) {
buf += ch;
buf += next;