test: add additional multiline bypass tests for find patterns

Extra test coverage for newline bypass detection (DOTALL fix). Inspired by Bartok9's PR #245.
2026-04-26 01:01:40 +00:00 · 2026-03-02 04:46:27 -08:00 · 2026-03-02 04:46:27 -08:00 · 7862e7010c
commit 7862e7010c
parent 4faf2a6cf4
1 changed files with 10 additions and 0 deletions
--- a/tests/tools/test_approval.py
+++ b/tests/tools/test_approval.py
@ -179,3 +179,13 @@ class TestMultilineBypass:
        is_dangerous, _, desc = detect_dangerous_command(cmd)
        assert is_dangerous is True, f"multiline chmod bypass not caught: {cmd!r}"

+    def test_find_exec_rm_with_newline(self):
+        cmd = "find /tmp \\\n-exec rm {} \\;"
+        is_dangerous, _, desc = detect_dangerous_command(cmd)
+        assert is_dangerous is True, f"multiline find -exec rm bypass not caught: {cmd!r}"
+
+    def test_find_delete_with_newline(self):
+        cmd = "find . -name '*.tmp' \\\n-delete"
+        is_dangerous, _, desc = detect_dangerous_command(cmd)
+        assert is_dangerous is True, f"multiline find -delete bypass not caught: {cmd!r}"
+