Skip to content

Potential fix for code scanning alert no. 49: Uncontrolled command line#105

Merged
meraedit merged 1 commit into
masterfrom
alert-autofix-49
Jul 1, 2026
Merged

Potential fix for code scanning alert no. 49: Uncontrolled command line#105
meraedit merged 1 commit into
masterfrom
alert-autofix-49

Conversation

@meraedit

@meraedit meraedit commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

Potential fix for https://github.com/Servoy/servoy-eclipse/security/code-scanning/49

The best fix is to enforce a strict trusted-path policy at execution time using canonical/real paths and reject symlink/path-manipulation edge cases before invoking ProcessBuilder.

In com.servoy.eclipse.debug/src/com/servoy/eclipse/debug/handlers/StartNGDesktopClientHandler.java around the launch block (lines ~429–459), strengthen validation by:

  • Resolving basePath, installDirPath, and commandPath to real paths (toRealPath(LinkOption.NOFOLLOW_LINKS) where applicable).
  • Ensuring installDirRealPath.startsWith(baseRealPath) and commandRealPath.startsWith(installDirRealPath).
  • Building the command from the trusted real path (commandRealPath.toString()), not from a merely normalized path.
  • Keeping existing behavior (same executable selection and platform behavior), only tightening trust checks.

No functionality change is intended; only unsafe edge cases are rejected.

Suggested fixes powered by Copilot Autofix. Review carefully before merging.

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
@meraedit meraedit marked this pull request as ready for review July 1, 2026 12:57
@meraedit meraedit merged commit 545d4ce into master Jul 1, 2026
6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant