Skip to content

🛡️ Sentinel: [MEDIUM] Fix git argument injection and improve context propagation#4

Draft
T-ahamed2 wants to merge 1 commit into
mainfrom
sentinel/fix-git-argument-injection-3829113581638753184
Draft

🛡️ Sentinel: [MEDIUM] Fix git argument injection and improve context propagation#4
T-ahamed2 wants to merge 1 commit into
mainfrom
sentinel/fix-git-argument-injection-3829113581638753184

Conversation

@T-ahamed2

Copy link
Copy Markdown
Owner

🛡️ Sentinel: [MEDIUM] Fix git argument injection and improve context propagation

🚨 Severity: MEDIUM
💡 Vulnerability: Argument Injection (Flag Injection) in Git commands. User-controlled strings (like repo URLs or branch names) starting with a hyphen could be interpreted as Git CLI options.
🎯 Impact: An attacker could potentially achieve remote code execution (e.g., via --upload-pack) or perform unauthorized operations by injecting malicious flags into Git commands.
🔧 Fix:

  • Inserted -- separators before positional arguments in git clone, git ls-remote, git archive, git add, git status, and git ls-tree.
  • Standardized git checkout <ref> -- to safely handle revisions that might look like flags.
  • Promoted use of exec.CommandContext for better process lifecycle management.
    ✅ Verification:
  • Verified the fix with a reproduction script proving that -- prevents flag interpretation.
  • Ran go test ./pkg/parser/... and go test ./pkg/workflow/... (all passed).
  • Confirmed that pre-existing failures in pkg/cli/ are unrelated to these changes.
  • Recorded critical learnings in .jules/sentinel.md.

PR created automatically by Jules for task 3829113581638753184 started by @T-ahamed2

…propagation

This change mitigates potential Argument Injection (Flag Injection) vulnerabilities
in multiple Git command execution paths by:
1. Adding the '--' separator before positional arguments (URLs, refs, paths)
   to ensure they are not interpreted as CLI flags if they start with a hyphen.
2. Correcting the argument order for 'git checkout' to 'git checkout <ref> --'
   to properly distinguish the revision from pathspecs.
3. Replacing 'exec.Command' with 'exec.CommandContext' in several locations
   to ensure proper process cancellation and resource management.
4. Adding explicit context propagation to 'downloadFileViaGitClone'.

These enhancements harden the application's handling of remote repository
specifications and improve overall system reliability.
@google-labs-jules

Copy link
Copy Markdown

👋 Jules, reporting for duty! I'm here to lend a hand with this pull request.

When you start a review, I'll add a 👀 emoji to each comment to let you know I've read it. I'll focus on feedback directed at me and will do my best to stay out of conversations between you and other bots or reviewers to keep the noise down.

I'll push a commit with your requested changes shortly after. Please note there might be a delay between these steps, but rest assured I'm on the job!

For more direct control, you can switch me to Reactive Mode. When this mode is on, I will only act on comments where you specifically mention me with @jules. You can find this option in the Pull Request section of your global Jules UI settings. You can always switch back!

New to Jules? Learn more at jules.google/docs.


For security, I will only act on instructions from the user who triggered this task.

@coderabbitai

coderabbitai Bot commented Jun 24, 2026

Copy link
Copy Markdown

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro Plus

Run ID: 8409ebd5-9091-4d1e-b07e-a380cbe0c344

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch sentinel/fix-git-argument-injection-3829113581638753184

Comment @coderabbitai help to get the list of available commands.

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request introduces Git argument injection mitigations across several CLI and parser packages by adding the -- separator to various Git commands (such as clone, checkout, fetch, archive, add, status, and ls-tree), and documents these practices in a new sentinel file. However, the reviewer identified critical issues where the -- separator was incorrectly applied: in git archive commands, the revision reference must be placed before the -- separator, and in git fetch commands, the -- separator is unsupported and will cause the command to fail.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

// #nosec G204 -- repoURL, ref, and path are from workflow import configuration authored by the
// developer; exec.CommandContext with separate args (not shell execution) prevents shell injection.
cmd := exec.CommandContext(ctx, "git", "archive", "--remote="+repoURL, ref, path)
cmd := exec.CommandContext(ctx, "git", "archive", "--remote="+repoURL, "--", ref, path)

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

critical

In git archive, the <tree-ish> (revision/ref) is a mandatory positional argument that must appear before the -- separator. The -- separator is used to separate the revision from the pathspecs.

If -- is placed before ref, Git will treat both ref and path as pathspecs, and the command will fail because the mandatory <tree-ish> argument is missing.

The correct syntax is to place ref before -- and path after --.

Suggested change
cmd := exec.CommandContext(ctx, "git", "archive", "--remote="+repoURL, "--", ref, path)
cmd := exec.CommandContext(ctx, "git", "archive", "--remote="+repoURL, ref, "--", path)

// because the server needs to send enough history to reach the specific commit.
// However, it still limits the working directory to only the requested file.
fetchCmd := exec.CommandContext(ctx, "git", "-C", tmpDir, "fetch", "--depth", "1", "origin", ref)
fetchCmd := exec.CommandContext(ctx, "git", "-C", tmpDir, "fetch", "--depth", "1", "origin", "--", ref)

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

critical

git fetch does not accept pathspecs and does not support -- as a separator. If -- is passed to git fetch, it will treat it as a refspec, resulting in the error:
fatal: Invalid refspec '--'

This will completely break the fetch operation. The correct approach is to omit -- entirely.

Suggested change
fetchCmd := exec.CommandContext(ctx, "git", "-C", tmpDir, "fetch", "--depth", "1", "origin", "--", ref)
fetchCmd := exec.CommandContext(ctx, "git", "-C", tmpDir, "fetch", "--depth", "1", "origin", ref)

} else {
// For branch/tag refs, fetch the specific ref
fetchCmd := exec.CommandContext(ctx, "git", "-C", tmpDir, "fetch", "--depth", "1", "origin", ref)
fetchCmd := exec.CommandContext(ctx, "git", "-C", tmpDir, "fetch", "--depth", "1", "origin", "--", ref)

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

critical

git fetch does not accept pathspecs and does not support -- as a separator. If -- is passed to git fetch, it will treat it as a refspec, resulting in the error:
fatal: Invalid refspec '--'

This will completely break the fetch operation. The correct approach is to omit -- entirely.

Suggested change
fetchCmd := exec.CommandContext(ctx, "git", "-C", tmpDir, "fetch", "--depth", "1", "origin", "--", ref)
fetchCmd := exec.CommandContext(ctx, "git", "-C", tmpDir, "fetch", "--depth", "1", "origin", ref)

// #nosec G204 -- repoURL, ref, and path are from workflow import configuration authored by the
// developer; exec.Command with separate args (not shell execution) prevents shell injection.
cmd := exec.Command("git", "archive", "--remote="+repoURL, ref, path)
cmd := exec.CommandContext(ctx, "git", "archive", "--remote="+repoURL, "--", ref, path)

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

critical

In git archive, the <tree-ish> (revision/ref) is a mandatory positional argument that must appear before the -- separator. The -- separator is used to separate the revision from the pathspecs.

If -- is placed before ref, Git will treat both ref and path as pathspecs, and the command will fail because the mandatory <tree-ish> argument is missing.

The correct syntax is to place ref before -- and path after --.

Suggested change
cmd := exec.CommandContext(ctx, "git", "archive", "--remote="+repoURL, "--", ref, path)
cmd := exec.CommandContext(ctx, "git", "archive", "--remote="+repoURL, ref, "--", path)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant