
Fix shell injection in run_editor and add STDERR TTY check for --interactive#12

Merged
hahwul merged 2 commits into
codex/feature-interactive-patch-applicationfrom
copilot/fix-code-for-comments
May 27, 2026

Conversation

Copilot AI commented May 27, 2026


Addresses two issues from code review:

  • run_editor shell injection (src/cjules/unidiff.cr): shell_escape didn't correctly handle single quotes in POSIX shells due to gsub interpreting backslashes in the replacement string. Removed shell invocation entirely — editor command is now split into argv and the path is passed as a separate argument to Process.run, eliminating both the escaping bug and injection risk.

  • Incomplete TTY check (src/cjules/commands/patch.cr): --interactive only validated STDIN.tty? && STDOUT.tty?, but prompts are written to STDERR. Added STDERR.tty? so the command errors out instead of silently hanging when STDERR is redirected.

# Before: shell invocation with broken quoting
cmd = "#{editor} #{shell_escape(path)}"
Process.run("sh", ["-lc", cmd], ...)

# After: direct exec, no shell
parts = editor.split
Process.run(parts[0], parts[1..] + [path], ...)
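The two fixes in this PR, reproduced as an added example in Ruby rather than the project's Crystal (this is not code from cjules; it is written here to show the mechanism). Ruby's String#gsub has the same plain-string replacement behaviour the description points at: in a replacement string, `\'` is a back-reference to the text after the match, not a literal quote, so the intended `'\''` never reaches the output. The names `buggy_shell_escape`, `safe_shell_escape`, `run_editor_argv`, `interactive_tty?`, `FAKE_EDITOR` and the sample path are assumptions constructed for this example.

```ruby
# Added example (Ruby, not the project's Crystal). All names below are
# illustrative assumptions, not identifiers from the cjules project.
require "stringio"

# The broken escape: with a plain-string replacement, gsub interprets "\'"
# as "the text after the match", so the quote is never escaped.
def buggy_shell_escape(s)
  "'" + s.gsub("'", "'\\''") + "'"
end

# A correct escape: the block form returns the replacement literally,
# producing the POSIX idiom  '  ->  '\''  inside single quotes.
def safe_shell_escape(s)
  "'" + s.gsub("'") { "'\\''" } + "'"
end

# What the PR does instead of escaping: never build a command string.
# Split the editor setting into argv words and pass the path as one more
# argument, so no shell ever parses it. FAKE_EDITOR stands in for $EDITOR
# and simply prints its first argument so we can see what it received.
FAKE_EDITOR = "ruby -e print(ARGV[0])"

def run_editor_argv(editor, path)
  parts = editor.split
  # Array form of IO.popen execs directly (no /bin/sh involved); the
  # return value is whatever the "editor" printed, i.e. the path it got.
  IO.popen([*parts, path]) { |io| io.read }
end

# The second fix: an interactive mode must confirm that every stream it
# talks to is a terminal, including STDERR, where prompts are written.
# Otherwise redirecting one stream makes the command appear to hang.
def interactive_tty?(io_in = $stdin, io_out = $stdout, io_err = $stderr)
  io_in.tty? && io_out.tty? && io_err.tty?
end

if __FILE__ == $0
  path = "it's a file $HOME.txt"  # constructed sample path
  puts "buggy escape:  #{buggy_shell_escape(path)}"
  puts "safe escape:   #{safe_shell_escape(path)}"
  puts "argv editor got: #{run_editor_argv(FAKE_EDITOR, path)}"
  puts "all three streams are TTYs: #{interactive_tty?}"
end
```

The argv call hands the editor exactly the string it was given, quotes, spaces and `$HOME` included, which is the property the escaping code was trying and failing to provide; `interactive_tty?` takes the three streams as parameters so the non-TTY branch can be exercised with StringIO in a test.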

…ractive

- Avoid shell invocation in run_editor by parsing editor into argv and
  passing path as a separate argument, eliminating quoting/injection risks.
- Add STDERR.tty? check alongside STDIN/STDOUT in --interactive mode
  so the command won't appear to hang when STDERR is redirected.
Copilot AI changed the title from "[WIP] Fix code based on review comments" to "Fix shell injection in run_editor and add STDERR TTY check for --interactive" May 27, 2026
Copilot finished work on behalf of hahwul May 27, 2026 12:41
Copilot AI requested a review from hahwul May 27, 2026 12:41
@hahwul hahwul marked this pull request as ready for review May 27, 2026 14:24
@hahwul hahwul merged commit 7eabda2 into codex/feature-interactive-patch-application May 27, 2026
@hahwul hahwul deleted the copilot/fix-code-for-comments branch May 27, 2026 14:24
2 participants