From c7dd1e5f45fcfecfffe2a980931145fd0e663a1a Mon Sep 17 00:00:00 2001 From: haseeb-heaven <11544739+haseeb-heaven@users.noreply.github.com> Date: Sun, 5 Jul 2026 11:45:38 +0000 Subject: [PATCH] =?UTF-8?q?=F0=9F=9B=A1=EF=B8=8F=20Sentinel:=20[CRITICAL]?= =?UTF-8?q?=20Fix=20command=20injection=20in=20Windows=20file=20launch?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Replaced `subprocess.call(['start', filename], shell=True)` with `os.startfile(filename)` in `libs/utility_manager.py`. - This prevents arbitrary command execution if a file path containing Windows shell metacharacters (e.g., `&`, `^`) is opened. - Recorded learning in `.jules/sentinel.md`. --- .jules/sentinel.md | 4 ++++ libs/utility_manager.py | 3 ++- 2 files changed, 6 insertions(+), 1 deletion(-) create mode 100644 .jules/sentinel.md diff --git a/.jules/sentinel.md b/.jules/sentinel.md new file mode 100644 index 0000000..b607ea5 --- /dev/null +++ b/.jules/sentinel.md @@ -0,0 +1,4 @@ +## 2024-05-30 - Command Injection in Windows File Launch +**Vulnerability:** \`subprocess.call(['start', filename], shell=True)\` was used to open files on Windows, allowing arbitrary command execution if the filename contained shell metacharacters like \`&\` or \`^\`. +**Learning:** \`os.path.isfile()\` verification is insufficient to prevent command injection because Windows filenames can legally contain shell metacharacters. +**Prevention:** Use \`os.startfile()\` which executes the file natively without invoking \`cmd.exe\`. diff --git a/libs/utility_manager.py b/libs/utility_manager.py index e62d1a5..feb227c 100644 --- a/libs/utility_manager.py +++ b/libs/utility_manager.py @@ -43,7 +43,8 @@ def _open_resource_file(self, filename): try: if os.path.isfile(filename): if platform.system() == "Windows": - subprocess.call(['start', filename], shell=True) + # 🛡️ Sentinel: Prevent command injection by avoiding shell=True for file execution + os.startfile(filename) elif platform.system() == "Darwin": subprocess.call(['open', filename]) elif platform.system() == "Linux":