NotAShelf/eh
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

eh: add input validate to multicall dispatcher

Browse source 
Signed-off-by: NotAShelf <raf@notashelf.dev>
Change-Id: I6e7dc21c716b16ef1f9827eed4cdad396a6a6964
This commit is contained in:
raf 2025-11-15 20:49:26 +03:00
commit 0d50b374bd
Signed by: NotAShelf
GPG key ID: 29D95B64378DB4BF
2 changed files with 7 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

6
eh/src/main.rs
View file

@ -36,6 +36,12 @@ fn dispatch_multicall(
args: std::env::Args, args: std::env::Args,
) -> Option<Result<i32>> { ) -> Option<Result<i32>> {
let rest: Vec<String> = args.collect(); let rest: Vec<String> = args.collect();
// Validate arguments before processing
if let Err(e) = util::validate_nix_args(&rest) {
return Some(Err(e));
}
let hash_extractor = util::RegexHashExtractor; let hash_extractor = util::RegexHashExtractor;
let fixer = util::DefaultNixFileFixer; let fixer = util::DefaultNixFileFixer;
let classifier = util::DefaultNixErrorClassifier; let classifier = util::DefaultNixErrorClassifier;

2
eh/src/util.rs
View file

@ -174,7 +174,7 @@ fn pre_evaluate(_subcommand: &str, args: &[String]) -> Result<bool> {
Ok(false) Ok(false)
} }
fn validate_nix_args(args: &[String]) -> Result<()> { pub fn validate_nix_args(args: &[String]) -> Result<()> {
const DANGEROUS_PATTERNS: &[&str] = &[ const DANGEROUS_PATTERNS: &[&str] = &[
";", "&&", "||", "|", "`", "$(", "${", ">", "<", ">>", "<<", "2>", "2>>", ";", "&&", "||", "|", "`", "$(", "${", ">", "<", ">>", "<<", "2>", "2>>",
]; ];