Skip to content

fix(safe_sleep): assert arg is int to block code-injection #4148

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
Rudxain wants to merge 1 commit into
base: main
Choose a base branch
from
Open

fix(safe_sleep): assert arg is int to block code-injection #4148

Rudxain wants to merge 1 commit into from
+6 −0

Conversation

@Rudxain
Copy link

@Rudxain Rudxain commented Dec 12, 2025

I've implemented the fix mentioned here.

The (currently dormant) vulnerability was introduced by 2 PRs:

The assertion doesn't exit if the integer is signed (negative), but I assume that's not a problem for ping and read

@Rudxain
fix(safe_sleep): assert arg is int
9f92ef7 
This blocks code-injection
@Rudxain Rudxain requested a review from a team as a code owner December 12, 2025 07:21
Copilot AI review requested due to automatic review settings December 12, 2025 07:21
Copilot AI reviewed Dec 12, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR addresses a dormant code injection vulnerability in the safe_sleep.sh script by adding integer validation for the time interval argument before it's used in potentially vulnerable shell commands.

Key changes:

  • Adds input validation using printf %d to ensure the argument is an integer before use
  • Provides a clear error message when invalid input is detected

src/Misc/layoutroot/safe_sleep.sh
Comment on lines +9 to +13
# assert integer
if ! builtin printf %d "$1" &>/dev/null; then
echo "safe_sleep: invalid time interval ‘$1"
exit 1
fi
Copy link

Copilot AI Dec 12, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This security fix lacks test coverage. Given that this addresses a code injection vulnerability, tests should be added to verify that the script correctly rejects malicious inputs (e.g., strings with shell metacharacters, command substitutions) and accepts valid integer inputs. The repository has comprehensive test coverage in the Test/L0 directory for other components.

Copilot generated this review using guidance from repository custom instructions.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Rudxain