fix(proxy): reject shell snippets in single-arg form (#2163) #2165
Open
pen-pal wants to merge 1 commit into
Conversation
`rtk proxy` executes the target binary directly via `Command::spawn`, with no shell in between. When a user wrapped a compound shell snippet in a single quoted argument (`rtk proxy 'for i in 1 2; do echo $i; done'`), `shell_split` produced tokens like `["for", "i", "in", "1", "2;", ...]` and operators (`;`, `&&`, `|`, `$()`, `>`, `&`) silently became positional arguments to the first binary. Worst case: token-like fragments created unintended filesystem entries.

Add `first_unquoted_shell_metachar` that walks the raw single-arg string with the same quote state machine as `shell_split`, returning the first metacharacter that sits outside `'…'` / `"…"`. The proxy single-arg branch consults it before invoking `shell_split` and bails with a clear error message pointing at `rtk proxy sh -c '…'` for users who genuinely want shell semantics.

Quoted operators stay legitimate payloads (`--format="%H %s"`, commit messages containing `&&`, etc.) — only unquoted metachars trip the rejection. Multi-arg form (`rtk proxy git log -1`) is unaffected since it never goes through `shell_split`.

Covered by four new unit tests in `tests`:

- simple commands accepted
- quoted metacharacters ignored
- bare operators (`;`, `|`, `&&`, `>`, `<`, `$(`, backtick, `(`) rejected
- the issue rtk-ai#2163 compound-loop reproducer rejected

Signed-off-by: penpal <unameme@proton.me>
Summary

- `rtk proxy` single-arg form: reject unquoted `;`, `&&`, `|`, `$()`, `>`, `<`, `&`, `` ` ``, `(`, `{`, newline. Quoted metachars stay literal.
- Point users at `rtk proxy sh -c '…'` for shell semantics.

Test plan

- `cargo fmt --all && cargo clippy --all-targets && cargo test` - 1986 pass, 0 warn
- `'echo hello'`, `'git log --format="%H %s" -1'`, multi-arg form still run; `|` and `$()` rejected

Closes #2163
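The scan the PR description outlines, as an added example written for this page rather than the project's own code: a single pass over the raw argument that tracks `'…'` / `"…"` quote state and reports the first metacharacter found outside quotes, plus the rejection step the proxy branch performs before tokenizing. The function names mirror the description, but the backslash handling, the choice to flag `$` only when it opens `$(`, the byte-offset return value and the error wording are assumptions, not rtk's implementation.

```rust
// Added example, not the rtk project's code. Assumed details: backslash
// escapes, `$` counted only as `$(`, and the (offset, char) return shape.

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
enum Quote {
    None,
    Single,
    Double,
}

/// Metacharacters from the PR summary that give an argument shell semantics.
/// `&` covers both `&` and `&&`; `$` is handled separately as `$(`.
const METACHARS: &[char] = &[';', '&', '|', '>', '<', '`', '(', '{', '\n'];

/// Return the byte offset and character of the first shell metacharacter that
/// sits outside single or double quotes, or `None` if the argument is clean.
/// This must use the same quote rules as the tokenizer (`shell_split` in the
/// PR); if the two disagree, an operator can slip past the check.
pub fn first_unquoted_shell_metachar(raw: &str) -> Option<(usize, char)> {
    let mut state = Quote::None;
    let mut it = raw.char_indices().peekable();
    while let Some((idx, c)) = it.next() {
        match state {
            // Inside '…' everything is literal until the closing quote.
            Quote::Single => {
                if c == '\'' {
                    state = Quote::None;
                }
            }
            // Inside "…" only \" and \\ are escapes we need to step over.
            Quote::Double => match c {
                '"' => state = Quote::None,
                '\\' => {
                    if matches!(it.peek(), Some((_, '"' | '\\'))) {
                        it.next();
                    }
                }
                _ => {}
            },
            Quote::None => match c {
                '\'' => state = Quote::Single,
                '"' => state = Quote::Double,
                // A backslash outside quotes makes the next character literal.
                '\\' => {
                    it.next();
                }
                // Flag `$` only when it starts a command substitution.
                '$' => {
                    if matches!(it.peek(), Some((_, '('))) {
                        return Some((idx, '$'));
                    }
                }
                _ if METACHARS.contains(&c) => return Some((idx, c)),
                _ => {}
            },
        }
    }
    None
}

/// The guard the single-arg branch runs before tokenizing: reject with a
/// message that names the offending character and the supported escape hatch.
pub fn check_single_arg(raw: &str) -> Result<(), String> {
    match first_unquoted_shell_metachar(raw) {
        None => Ok(()),
        Some((idx, c)) => Err(format!(
            "rtk proxy: unquoted shell metacharacter {:?} at byte {} in single-arg command; \
             the binary is executed directly without a shell. \
             Use `rtk proxy sh -c '...'` if you need shell semantics.",
            c, idx
        )),
    }
}

fn main() {
    // Constructed sample inputs, including the compound-loop reproducer.
    for arg in [
        "echo hello",
        "git log --format=\"%H %s\" -1",
        "git commit -m 'fix && ship'",
        "for i in 1 2; do echo $i; done",
        "ls | wc -l",
    ] {
        match check_single_arg(arg) {
            Ok(()) => println!("accept: {arg}"),
            Err(e) => println!("reject: {arg}\n        {e}"),
        }
    }
}
```

The important design point is the one the PR makes in passing: the guard and the tokenizer must walk the same state machine. A checker that treats a quote or escape differently from `shell_split` creates a gap where one component sees an operator as quoted text and the other hands it to the child process as an argument, which is exactly the class of bug being fixed.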