Skip to content

πŸ›‘οΈ Sentinel: [CRITICAL] Fix arbitrary code execution via git config in untrusted repositories #52

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
tachyon-beep wants to merge 1 commit into
base: main
Choose a base branch
from
Open

πŸ›‘οΈ Sentinel: [CRITICAL] Fix arbitrary code execution via git config in untrusted repositories #52

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions .jules/sentinel.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
## 2024-05-24 - Arbitrary code execution via git config in untrusted repositories
**Vulnerability:** Calling `git` without disabling `core.fsmonitor` allows local code execution from `.git/config` when run against an untrusted repository.
**Learning:** Python`s `subprocess.run(["git", ...])` is vulnerable to RCE if an attacker provides a malicious `.git/config` configuring `core.fsmonitor` to execute arbitrary shell scripts. Although `src/wardline/core/attest.py` properly safeguarded this with `_SAFE_GIT_CONFIG`, other files (`delta.py`, `legis.py`) were not using it.
**Prevention:** Always use `_SAFE_GIT_CONFIG = ("-c", "core.fsmonitor=false")` for any git invocations via `subprocess` against directories that might be untrusted, especially inside static analyzers.
10 changes: 6 additions & 4 deletions src/wardline/core/delta.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,8 @@

from wardline.core.errors import WardlineError

_SAFE_GIT_CONFIG = ("-c", "core.fsmonitor=false")

if TYPE_CHECKING:
from wardline.scanner.index import Entity

Expand All @@ -22,7 +24,7 @@ def get_changed_files_since(ref: str, root: Path) -> set[str]:
# 1. Get the git toplevel directory.
try:
res = subprocess.run(
["git", "rev-parse", "--show-toplevel"],
["git", *_SAFE_GIT_CONFIG, "rev-parse", "--show-toplevel"],
cwd=root,
capture_output=True,
text=True,
Expand All @@ -38,7 +40,7 @@ def get_changed_files_since(ref: str, root: Path) -> set[str]:
# 2. Resolve ref to a verified object id before passing it to git diff.
try:
res = subprocess.run(
["git", "rev-parse", "--verify", "--end-of-options", ref],
["git", *_SAFE_GIT_CONFIG, "rev-parse", "--verify", "--end-of-options", ref],
cwd=git_toplevel,
capture_output=True,
text=True,
Expand All @@ -54,7 +56,7 @@ def get_changed_files_since(ref: str, root: Path) -> set[str]:
# 3. Get changed files since ref (committed since ref, staged, unstaged).
try:
res = subprocess.run(
["git", "diff", "--name-only", verified_ref, "--"],
["git", *_SAFE_GIT_CONFIG, "diff", "--name-only", verified_ref, "--"],
cwd=git_toplevel,
capture_output=True,
text=True,
Expand All @@ -68,7 +70,7 @@ def get_changed_files_since(ref: str, root: Path) -> set[str]:
# 4. Get untracked files.
try:
res = subprocess.run(
["git", "ls-files", "--others", "--exclude-standard"],
["git", *_SAFE_GIT_CONFIG, "ls-files", "--others", "--exclude-standard"],
cwd=git_toplevel,
capture_output=True,
text=True,
Expand Down
5 changes: 3 additions & 2 deletions src/wardline/core/legis.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -56,6 +56,7 @@
LEGIS_ARTIFACT_KEY_ENV = "WARDLINE_LEGIS_ARTIFACT_KEY"
SIG_PREFIX = "hmac-sha256:v2:"
ARTIFACT_SIGNATURE_FIELD = "artifact_signature"
_SAFE_GIT_CONFIG = ("-c", "core.fsmonitor=false")

# Cross-member scan-artifact keys that legis reads with a DEFAULT, not a hard
# requirement (``findings`` -> empty list, ``dirty`` -> false). A silent rename of one
Expand Down Expand Up @@ -199,7 +200,7 @@ def _git_tree_sha(root: Path) -> str | None:
"""
try:
rev = subprocess.run(
["git", "rev-parse", "HEAD^{tree}"],
["git", *_SAFE_GIT_CONFIG, "rev-parse", "HEAD^{tree}"],
cwd=root,
capture_output=True,
text=True,
Expand All @@ -215,7 +216,7 @@ def _git_repo_root(root: Path) -> Path | None:
"""The containing git repository root, or None when unavailable."""
try:
rev = subprocess.run(
["git", "rev-parse", "--show-toplevel"],
["git", *_SAFE_GIT_CONFIG, "rev-parse", "--show-toplevel"],
cwd=root,
capture_output=True,
text=True,
Expand Down
12 changes: 10 additions & 2 deletions tests/unit/core/test_delta.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -43,8 +43,16 @@ def run_dispatch(args, **kwargs):
res = get_changed_files_since("HEAD~1", root)

assert res == {"foo.py", "bar.py", "baz.py"}
assert mock_run.call_args_list[1].args[0] == ["git", "rev-parse", "--verify", "--end-of-options", "HEAD~1"]
assert mock_run.call_args_list[2].args[0] == ["git", "diff", "--name-only", "abc123", "--"]
_SAFE_GIT_CONFIG = ("-c", "core.fsmonitor=false")
assert mock_run.call_args_list[1].args[0] == [
"git",
*_SAFE_GIT_CONFIG,
"rev-parse",
"--verify",
"--end-of-options",
"HEAD~1",
]
assert mock_run.call_args_list[2].args[0] == ["git", *_SAFE_GIT_CONFIG, "diff", "--name-only", "abc123", "--"]


@patch("subprocess.run")
Expand Down
Loading