fix(security): block startup-file env injection across host execution paths

Peter Steinberger
2026-02-21 11:43:53 +01:00
parent 6b2f2811dc
commit 2cdbadee1f
13 changed files with 318 additions and 147 deletions


@@ -7,7 +7,7 @@ describe("node-host sanitizeEnv", () => {
const prev = process.env.PATH;
process.env.PATH = "/usr/bin";
try {
const env = sanitizeEnv({ PATH: "/tmp/evil:/usr/bin" }) ?? {};
const env = sanitizeEnv({ PATH: "/tmp/evil:/usr/bin" });
expect(env.PATH).toBe("/usr/bin");
} finally {
if (prev === undefined) {
@@ -21,18 +21,21 @@ describe("node-host sanitizeEnv", () => {
it("blocks dangerous env keys/prefixes", () => {
const prevPythonPath = process.env.PYTHONPATH;
const prevLdPreload = process.env.LD_PRELOAD;
const prevBashEnv = process.env.BASH_ENV;
try {
delete process.env.PYTHONPATH;
delete process.env.LD_PRELOAD;
const env =
sanitizeEnv({
PYTHONPATH: "/tmp/pwn",
LD_PRELOAD: "/tmp/pwn.so",
FOO: "bar",
}) ?? {};
delete process.env.BASH_ENV;
const env = sanitizeEnv({
PYTHONPATH: "/tmp/pwn",
LD_PRELOAD: "/tmp/pwn.so",
BASH_ENV: "/tmp/pwn.sh",
FOO: "bar",
});
expect(env.FOO).toBe("bar");
expect(env.PYTHONPATH).toBeUndefined();
expect(env.LD_PRELOAD).toBeUndefined();
expect(env.BASH_ENV).toBeUndefined();
} finally {
if (prevPythonPath === undefined) {
delete process.env.PYTHONPATH;
@@ -44,6 +47,34 @@ describe("node-host sanitizeEnv", () => {
} else {
process.env.LD_PRELOAD = prevLdPreload;
}
if (prevBashEnv === undefined) {
delete process.env.BASH_ENV;
} else {
process.env.BASH_ENV = prevBashEnv;
}
}
});
it("drops dangerous inherited env keys even without overrides", () => {
const prevPath = process.env.PATH;
const prevBashEnv = process.env.BASH_ENV;
try {
process.env.PATH = "/usr/bin:/bin";
process.env.BASH_ENV = "/tmp/pwn.sh";
const env = sanitizeEnv(undefined);
expect(env.PATH).toBe("/usr/bin:/bin");
expect(env.BASH_ENV).toBeUndefined();
} finally {
if (prevPath === undefined) {
delete process.env.PATH;
} else {
process.env.PATH = prevPath;
}
if (prevBashEnv === undefined) {
delete process.env.BASH_ENV;
} else {
process.env.BASH_ENV = prevBashEnv;
}
}
});
});
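Review bot: The new test "drops dangerous inherited env keys even without overrides" checks only `BASH_ENV` on the inherited path, while `PYTHONPATH` and `LD_PRELOAD` are asserted only as overrides in the "blocks dangerous env keys/prefixes" test. If inherited and override keys are filtered by separate logic (the `sanitizeEnv` implementation is not visible in this section), a narrower inherited filter would still pass this suite. Adding `process.env.PYTHONPATH = "/tmp/pwn";` before the call and `expect(env.PYTHONPATH).toBeUndefined();` after it, with the same save/restore in `finally`, would pin both paths to the same blocklist. As a style point, the save/restore block is now repeated for every key in three tests; a small helper or a table-driven `it.each` over the blocked keys would reduce the chance of a test leaking a modified `process.env` into later tests.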