From f5d3e81b86b4fd7c9d9405489f1808ddfa6bdc77 Mon Sep 17 00:00:00 2001 From: "google-labs-jules[bot]" <161369871+google-labs-jules[bot]@users.noreply.github.com> Date: Wed, 24 Jun 2026 16:42:58 +0000 Subject: [PATCH] =?UTF-8?q?=F0=9F=9B=A1=EF=B8=8F=20Sentinel:=20[CRITICAL]?= =?UTF-8?q?=20Fix=20git=20config=20arbitrary=20code=20execution=20vulnerab?= =?UTF-8?q?ility?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Added `-c core.fsmonitor=false` to git subprocess calls in `delta.py` and `legis.py` to prevent arbitrary code execution from malicious `.git/config` files in untrusted repositories. Co-authored-by: tachyon-beep <544926+tachyon-beep@users.noreply.github.com> --- .jules/sentinel.md | 4 ++++ src/wardline/core/delta.py | 10 ++++++---- src/wardline/core/legis.py | 6 ++++-- tests/unit/core/test_delta.py | 20 ++++++++++++++++++-- 4 files changed, 32 insertions(+), 8 deletions(-) create mode 100644 .jules/sentinel.md diff --git a/.jules/sentinel.md b/.jules/sentinel.md new file mode 100644 index 00000000..34d1b44d --- /dev/null +++ b/.jules/sentinel.md @@ -0,0 +1,4 @@ +## 2026-06-24 - Prevent Git Config Local Code Execution +**Vulnerability:** Invoking `git` via `subprocess` against potentially untrusted directories can lead to local code execution via malicious `.git/config` files (for example using the `core.fsmonitor` configuration). +**Learning:** Even simple git operations like `git status` or `git rev-parse` can execute arbitrary code if run against an attacker-controlled directory containing a malicious `.git/config`. +**Prevention:** Always apply the configuration `("-c", "core.fsmonitor=false")` (typically defined as `_SAFE_GIT_CONFIG` in this codebase) when invoking `git` via `subprocess` against potentially untrusted directories. diff --git a/src/wardline/core/delta.py b/src/wardline/core/delta.py index c4d63f0e..0c073664 100644 --- a/src/wardline/core/delta.py +++ b/src/wardline/core/delta.py @@ -8,6 +8,8 @@ from wardline.core.errors import WardlineError +_SAFE_GIT_CONFIG = ("-c", "core.fsmonitor=false") + if TYPE_CHECKING: from wardline.scanner.index import Entity @@ -22,7 +24,7 @@ def get_changed_files_since(ref: str, root: Path) -> set[str]: # 1. Get the git toplevel directory. try: res = subprocess.run( - ["git", "rev-parse", "--show-toplevel"], + ["git", *_SAFE_GIT_CONFIG, "rev-parse", "--show-toplevel"], cwd=root, capture_output=True, text=True, @@ -38,7 +40,7 @@ def get_changed_files_since(ref: str, root: Path) -> set[str]: # 2. Resolve ref to a verified object id before passing it to git diff. try: res = subprocess.run( - ["git", "rev-parse", "--verify", "--end-of-options", ref], + ["git", *_SAFE_GIT_CONFIG, "rev-parse", "--verify", "--end-of-options", ref], cwd=git_toplevel, capture_output=True, text=True, @@ -54,7 +56,7 @@ def get_changed_files_since(ref: str, root: Path) -> set[str]: # 3. Get changed files since ref (committed since ref, staged, unstaged). try: res = subprocess.run( - ["git", "diff", "--name-only", verified_ref, "--"], + ["git", *_SAFE_GIT_CONFIG, "diff", "--name-only", verified_ref, "--"], cwd=git_toplevel, capture_output=True, text=True, @@ -68,7 +70,7 @@ def get_changed_files_since(ref: str, root: Path) -> set[str]: # 4. Get untracked files. try: res = subprocess.run( - ["git", "ls-files", "--others", "--exclude-standard"], + ["git", *_SAFE_GIT_CONFIG, "ls-files", "--others", "--exclude-standard"], cwd=git_toplevel, capture_output=True, text=True, diff --git a/src/wardline/core/legis.py b/src/wardline/core/legis.py index 87144974..f0156280 100644 --- a/src/wardline/core/legis.py +++ b/src/wardline/core/legis.py @@ -49,6 +49,8 @@ from wardline.core.safe_paths import safe_project_file from wardline.core.taints import TaintState +_SAFE_GIT_CONFIG = ("-c", "core.fsmonitor=false") + if TYPE_CHECKING: from wardline.core.config import WardlineConfig from wardline.core.run import ScanResult @@ -199,7 +201,7 @@ def _git_tree_sha(root: Path) -> str | None: """ try: rev = subprocess.run( - ["git", "rev-parse", "HEAD^{tree}"], + ["git", *_SAFE_GIT_CONFIG, "rev-parse", "HEAD^{tree}"], cwd=root, capture_output=True, text=True, @@ -215,7 +217,7 @@ def _git_repo_root(root: Path) -> Path | None: """The containing git repository root, or None when unavailable.""" try: rev = subprocess.run( - ["git", "rev-parse", "--show-toplevel"], + ["git", *_SAFE_GIT_CONFIG, "rev-parse", "--show-toplevel"], cwd=root, capture_output=True, text=True, diff --git a/tests/unit/core/test_delta.py b/tests/unit/core/test_delta.py index 5b16c7af..9d0ca7ba 100644 --- a/tests/unit/core/test_delta.py +++ b/tests/unit/core/test_delta.py @@ -43,8 +43,24 @@ def run_dispatch(args, **kwargs): res = get_changed_files_since("HEAD~1", root) assert res == {"foo.py", "bar.py", "baz.py"} - assert mock_run.call_args_list[1].args[0] == ["git", "rev-parse", "--verify", "--end-of-options", "HEAD~1"] - assert mock_run.call_args_list[2].args[0] == ["git", "diff", "--name-only", "abc123", "--"] + assert mock_run.call_args_list[1].args[0] == [ + "git", + "-c", + "core.fsmonitor=false", + "rev-parse", + "--verify", + "--end-of-options", + "HEAD~1", + ] + assert mock_run.call_args_list[2].args[0] == [ + "git", + "-c", + "core.fsmonitor=false", + "diff", + "--name-only", + "abc123", + "--", + ] @patch("subprocess.run")