



















@@ -17,8 +17,20 @@ describe("command-analysis risks", () => {
1717"-c",
1818);
1919expect(detectInlineEvalArgv(["sudo", "-uroot", "python3", "-c", "print(1)"])?.flag).toBe("-c");
20+expect(detectInlineEvalArgv(["sudo", "-EH", "python3", "-c", "print(1)"])?.flag).toBe("-c");
21+expect(detectInlineEvalArgv(["sudo", "-Eu", "root", "python3", "-c", "print(1)"])?.flag).toBe(
22+"-c",
23+);
2024expect(detectInlineEvalArgv(["doas", "-uroot", "python3", "-c", "print(1)"])?.flag).toBe("-c");
2125expect(detectInlineEvalArgv(["env", "sudo", "python3", "-c", "print(1)"])?.flag).toBe("-c");
26+expect(
27+detectInlineEvalArgv(["env", "env", "env", "env", "env", "env", "python3", "-c", "print(1)"])
28+?.flag,
29+).toBe("-c");
30+expect(detectInlineEvalArgv(["env", "-iSpython3 -c 'print(1)'"])?.flag).toBe("-c");
31+expect(detectInlineEvalArgv(["env", "-iS", "python3 -c 'print(1)'"])?.flag).toBe("-c");
32+expect(detectInlineEvalArgv(["env", "-S", "python3 -c", "print(1)"])?.flag).toBe("-c");
33+expect(detectInlineEvalArgv(["env", "-iSpython3 -c", "print(1)"])?.flag).toBe("-c");
2234expect(detectInlineEvalArgv(["command", "node", "--eval", "1"])?.flag).toBe("--eval");
2335expect(detectInlineEvalArgv(["env", "-S", 'python3 -c "print(1)"'])?.flag).toBe("-c");
2436expect(detectInlineEvalArgv(["python3", "script.py"])).toBeNull();
@@ -62,6 +74,12 @@ describe("command-analysis risks", () => {
6274(argv, startIndex) => argv[startIndex] === "-lc",
6375),
6476).toBe("sudo");
77+expect(
78+detectShellWrapperThroughCarrierArgv(
79+["sudo", "-EH", "bash", "-lc", "id"],
80+(argv, startIndex) => argv[startIndex] === "-lc",
81+),
82+).toBe("sudo");
6583expect(
6684detectShellWrapperThroughCarrierArgv(
6785["sudo", "echo", "bash", "-lc", "id"],
@@ -85,6 +103,9 @@ describe("command-analysis risks", () => {
85103expect(buildCommandPayloadCandidates(["FOO=1", "sudo", "-E", "/approve", "abc"])).toEqual([
86104"/approve abc",
87105]);
106+expect(buildCommandPayloadCandidates(["sudo", "-EH", "/approve", "abc"])).toEqual([
107+"/approve abc",
108+]);
88109expect(
89110buildCommandPayloadCandidates(["sudo", "-uroot", "bash", "-lc", "/approve req allow-once"]),
90111).toEqual(["bash -lc /approve req allow-once", "/approve req allow-once"]);
@@ -95,12 +116,35 @@ describe("command-analysis risks", () => {
95116"bash -lc /approve abc deny",
96117"/approve abc deny",
97118]);
119+expect(buildCommandPayloadCandidates(["env", "-S", "bash -lc", "/approve abc deny"])).toEqual([
120+"bash -lc /approve abc deny",
121+"/approve abc deny",
122+]);
123+expect(buildCommandPayloadCandidates(["env", "-iSbash -lc", "/approve abc deny"])).toEqual([
124+"bash -lc /approve abc deny",
125+"/approve abc deny",
126+]);
98127expect(buildCommandPayloadCandidates(["exec", "-a", "openclaw", "/approve", "abc"])).toEqual([
99128"/approve abc",
100129]);
101130expect(buildCommandPayloadCandidates(["command", "-v", "/approve"])).toEqual([
102131"command -v /approve",
103132]);
133+expect(
134+buildCommandPayloadCandidates([
135+"env",
136+"env",
137+"env",
138+"env",
139+"env",
140+"env",
141+"openclaw",
142+"channels",
143+"login",
144+"--channel",
145+"whatsapp",
146+]),
147+).toContain("openclaw channels login --channel whatsapp");
104148});
105149106150it("checks both effective and original argv for segment inline eval", () => {
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。