Skip to content

fix: mitigate shell injection risk in hooks (#110)#320

Closed
web3guru888 wants to merge 1 commit intoMemPalace:mainfrom
web3guru888:fix/shell-injection
Closed

fix: mitigate shell injection risk in hooks (#110)#320
web3guru888 wants to merge 1 commit intoMemPalace:mainfrom
web3guru888:fix/shell-injection

Conversation

@web3guru888
Copy link
Copy Markdown

@web3guru888 web3guru888 commented Apr 9, 2026

fixes #110 by correctly sanitizing the session ID. The python calls already handle their system args, but the SESSION_ID variable required defensive bounds checking to ensure it only captures a-zA-Z0-9_- rather than unescaped json strings which might interpolate.

@web3guru888
fix(hooks): sanitize session id against shell injection (MemPalace#110)
3d8f8a7 
SESSION_ID is extracted from JSON stdin via python3 but then interpolated
unquoted into shell commands. A crafted session_id could inject arbitrary
shell commands. Sanitize with tr to only allow [a-zA-Z0-9_-] and fall
back to 'unknown' if empty after sanitization.
@web3guru888 web3guru888 force-pushed the fix/shell-injection branch from 7ce7674 to 3d8f8a7 Compare April 9, 2026 02:31
@web3guru888 web3guru888 mentioned this pull request Apr 9, 2026
Closed
@bensig
Copy link
Copy Markdown
Collaborator

bensig commented Apr 9, 2026

Hey — noticed pyproject.toml changes in this PR that widen the chromadb dependency from >=0.5.0,<0.7 to >=0.4.0,<1 but it's not mentioned in the PR description. Can you explain why this change is included? If it's a stale branch issue, a rebase should fix it.

@web3guru888
Copy link
Copy Markdown
Author

web3guru888 commented Apr 10, 2026

@bensig This PR only touches hooks/mempal_precompact_hook.sh — it adds SESSION_ID sanitization (3 lines) to prevent shell injection via crafted session IDs. No pyproject.toml changes in this diff.

Happy to rebase if needed, but the branch should be clean against current main.

This was referenced Apr 10, 2026
Closed
Closed
Closed
@bensig bensig mentioned this pull request Apr 11, 2026
Closed
@web3guru888
Copy link
Copy Markdown
Author

web3guru888 commented Apr 11, 2026

Closing in favor of #589 — JoeProAI's approach of using the same inline sanitization pattern from mempal_save_hook.sh is architecturally cleaner (consistent between hooks, single-pass). Already reviewed and confirmed the implementation there.

Keeping #319 (STAN extension docs) as a separate concern.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Shell injection risk in hook scripts ($TRANSCRIPT_PATH / $SESSION_ID)

2 participants

@web3guru888 @bensig