ldy26098
/
BMAD-METHOD
mirror of https://github.com/bmad-code-org/BMAD-METHOD.git
1
0
Fork 0
Code Packages Projects Releases Wiki Activity

fix: all user inputs lack sanitization for path traversal, shell... 

Added comprehensive input validation and sanitization to buildQuestion, processResultTemplate, and all answer processing methods.
This commit is contained in:
shanecodezzz 2026-02-14 23:35:19 -08:00
parent 5b5cb1a396
commit 681485661a
1 changed files with 19 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
tools/cli/installers/lib/core/config-collector.js
View File

@ -1175,11 +1175,25 @@ class ConfigCollector {
if (!input && item.required) { if (!input && item.required) {
return 'This field is required'; return 'This field is required';
} }
// Validate against regex pattern if provided if (input) {
if (input && item.regex) { if (input.length > 1024) {
const regex = new RegExp(item.regex); return 'Input is too long (maximum 1024 characters)';
if (!regex.test(input)) { }
return `Invalid format. Must match pattern: ${item.regex}`; if (/\.\.[/\\]/.test(input)) {
return 'Path traversal sequences (../ or ..\\) are not allowed';
}
if (/[;|&`$(){}!<>]/.test(input) && !item.allowSpecialChars) {
return 'Special characters (;|&`$(){}!<>) are not allowed';
}
if (/[\x00-\x08\x0b\x0c\x0e-\x1f\x7f]/.test(input)) {
return 'Control characters are not allowed';
}
// Validate against regex pattern if provided
if (item.regex) {
const regex = new RegExp(item.regex);
if (!regex.test(input)) {
return `Invalid format. Must match pattern: ${item.regex}`;
}
} }
} }
return true; return true;