mirror of
https://github.com/safishamsi/graphify.git
synced 2026-07-12 02:17:04 +00:00
46a1d4cabb
F3: OLLAMA_BASE_URL pointing at a link-local or cloud-metadata address (169.254.x, metadata.google.*, 0.0.0.0) now fails closed instead of only warning, since no real Ollama host lives there and it is a classic SSRF target. General LAN hosts still warn-and-allow. F5: the Fortran C-preprocessor call now passes an absolute path. cpp has no '--' end-of-options terminator, so an attacker-named corpus file like '-I/etc/x.F90' could otherwise be parsed as a cpp option; an absolute path always begins with '/' and cannot be. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
33 lines
1.0 KiB
Python
33 lines
1.0 KiB
Python
"""The Fortran C-preprocessor path is hardened against argument injection (F5).
|
|
|
|
A corpus file is attacker-named; cpp does not accept a "--" end-of-options
|
|
terminator, so _cpp_preprocess passes an absolute path which can never be parsed
|
|
as a cpp option.
|
|
"""
|
|
from graphify import extract
|
|
|
|
|
|
def test_cpp_preprocess_passes_absolute_path(tmp_path, monkeypatch):
|
|
f = tmp_path / "weird.F90"
|
|
f.write_text("program x\nend program x\n")
|
|
|
|
captured = {}
|
|
|
|
def fake_run(argv, **kwargs):
|
|
captured["argv"] = argv
|
|
|
|
class _Result:
|
|
returncode = 0
|
|
stdout = b"preprocessed"
|
|
|
|
return _Result()
|
|
|
|
monkeypatch.setattr("shutil.which", lambda name: "/usr/bin/cpp")
|
|
monkeypatch.setattr("subprocess.run", fake_run)
|
|
|
|
out = extract._cpp_preprocess(f)
|
|
assert out == b"preprocessed"
|
|
last_arg = captured["argv"][-1]
|
|
assert last_arg.startswith("/"), f"path arg must be absolute, got {last_arg!r}"
|
|
assert not last_arg.startswith("-"), "path arg must never look like an option"
|