fix(tools): Shell escape path and range in ReadFileTool command

Jacksunwei · Jacksunwei · commit e16629b38814 · 2026-05-27T09:45:50.000-07:00
Use shlex.quote to escape the path and range arguments in the ReadFileTool shell command to prevent potential shell injection vulnerabilities.

Change-Id: I5156b616296fc7fac3b98da2b500e4aeb1e3022c
diff --git a/src/google/adk/tools/environment/_read_file_tool.py b/src/google/adk/tools/environment/_read_file_tool.py
@@ -17,6 +17,7 @@
 from __future__ import annotations
 
 import logging
+import shlex
 from typing import Any
 from typing import Optional
 from typing import TYPE_CHECKING
@@ -109,8 +110,9 @@ async def run_async(
         sed_range = f'{start},{end_line}'
       else:
         sed_range = f'{start},$'
-      # TODO: use shlex.quote to quote `path` and `sed_range`.
-      cmd = f"cat -n '{path}' | sed -n '{sed_range}p'"
+      path_arg = shlex.quote(path)
+      sed_arg = shlex.quote(f'{sed_range}p')
+      cmd = f'cat -n {path_arg} | sed -n {sed_arg}'
       res = await self._environment.execute(cmd)
       if res.exit_code == 0:
         return {
