mirrors/hermes-agent
1
0
Fork 0
mirror of https://github.com/NousResearch/hermes-agent.git synced 2026-04-25 00:51:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix terminal workdir validation for Windows paths

Browse source
This commit is contained in:
Ruzzgar 2026-04-15 02:56:31 +03:00 committed by Teknium
parent eb3d928da6
commit de3f8bc6ce
3 changed files with 20 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

1
scripts/release.py
View file

@ -76,6 +76,7 @@ AUTHOR_MAP = {
"abdullahfarukozden@gmail.com": "Farukest",
"lovre.pesut@gmail.com": "rovle",
"hakanerten02@hotmail.com": "teyrebaz33",
"ruzzgarcn@gmail.com": "Ruzzgar",
"alireza78.crypto@gmail.com": "alireza78a",
"brooklyn.bb.nicholson@gmail.com": "brooklynnicholson",
"4317663+helix4u@users.noreply.github.com": "helix4u",

15
tests/tools/test_terminal_tool.py
View file

@ -88,3 +88,18 @@ def test_cached_sudo_password_is_used_when_env_is_unset(monkeypatch):
assert transformed == "echo ok && sudo -S -p '' whoami"
assert sudo_stdin == "cached-pass\n"
def test_validate_workdir_allows_windows_drive_paths():
assert terminal_tool._validate_workdir(r"C:\Users\Alice\project") is None
assert terminal_tool._validate_workdir("C:/Users/Alice/project") is None
def test_validate_workdir_allows_windows_unc_paths():
assert terminal_tool._validate_workdir(r"\\server\share\project") is None
def test_validate_workdir_blocks_shell_metacharacters_in_windows_paths():
assert terminal_tool._validate_workdir(r"C:\Users\Alice\project; rm -rf /")
assert terminal_tool._validate_workdir(r"C:\Users\Alice\project$(whoami)")
assert terminal_tool._validate_workdir("C:\\Users\\Alice\\project\nwhoami")

7
tools/terminal_tool.py
View file

@ -148,9 +148,10 @@ def _check_all_guards(command: str, env_type: str) -> dict:
# Allowlist: characters that can legitimately appear in directory paths.
# Covers alphanumeric, path separators, tilde, dot, hyphen, underscore, space,
# plus, at, equals, and comma. Everything else is rejected.
_WORKDIR_SAFE_RE = re.compile(r'^[A-Za-z0-9/_\-.~ +@=,]+$')
# Covers alphanumeric, path separators, Windows drive/UNC separators, tilde,
# dot, hyphen, underscore, space, plus, at, equals, and comma. Everything
# else is rejected.
_WORKDIR_SAFE_RE = re.compile(r'^[A-Za-z0-9/\\:_\-.~ +@=,]+$')
def _validate_workdir(workdir: str) -> str | None: