eh: add input validate to multicall dispatcher

Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: I6e7dc21c716b16ef1f9827eed4cdad396a6a6964
2025-11-15 20:49:26 +03:00 · 2025-11-15 20:49:26 +03:00 · 0d50b374bd
commit 0d50b374bd
parent 7847e8faae
2 changed files with 7 additions and 1 deletions
--- a/eh/src/main.rs
+++ b/eh/src/main.rs
@ -36,6 +36,12 @@ fn dispatch_multicall(
  args: std::env::Args,
 ) -> Option<Result<i32>> {
  let rest: Vec<String> = args.collect();
+  
+  // Validate arguments before processing
+  if let Err(e) = util::validate_nix_args(&rest) {
+    return Some(Err(e));
+  }
+  
  let hash_extractor = util::RegexHashExtractor;
  let fixer = util::DefaultNixFileFixer;
  let classifier = util::DefaultNixErrorClassifier;
--- a/eh/src/util.rs
+++ b/eh/src/util.rs
@ -174,7 +174,7 @@ fn pre_evaluate(_subcommand: &str, args: &[String]) -> Result<bool> {
  Ok(false)
 }

-fn validate_nix_args(args: &[String]) -> Result<()> {
+pub fn validate_nix_args(args: &[String]) -> Result<()> {
  const DANGEROUS_PATTERNS: &[&str] = &[
    ";", "&&", "||", "|", "`", "$(", "${", ">", "<", ">>", "<<", "2>", "2>>",
  ];