🛡️ Sentinel: [CRITICAL] Fix command injection in docker containers API#125
🛡️ Sentinel: [CRITICAL] Fix command injection in docker containers API#125bobdivx wants to merge 1 commit into
Conversation
🚨 Severity: CRITICAL 💡 Vulnerability: Command injection vulnerability in `src/pages/api/docker/containers.ts` where user-provided input (`id` and `action`) was directly interpolated into an `execAsync` command. 🎯 Impact: An attacker could craft a malicious `id` or `action` containing shell control characters (e.g., `;`, `&&`, `||`, `$()`) to execute arbitrary shell commands on the server running the API. 🔧 Fix: Refactored the code to use `execFileAsync` which directly invokes the executable without passing through a shell, preventing shell injection. Additionally, strict regex validation was added to the `id` and `action` parameters to ensure they only contain alphanumeric characters and don't start with a hyphen to prevent argument flag injection. ✅ Verification: Verified by reviewing the code changes, ensuring tests pass via `pnpm test`, and running type checks with `pnpm run check`. Co-authored-by: bobdivx <6737167+bobdivx@users.noreply.github.com>
|
👋 Jules, reporting for duty! I'm here to lend a hand with this pull request. When you start a review, I'll add a 👀 emoji to each comment to let you know I've read it. I'll focus on feedback directed at me and will do my best to stay out of conversations between you and other bots or reviewers to keep the noise down. I'll push a commit with your requested changes shortly after. Please note there might be a delay between these steps, but rest assured I'm on the job! For more direct control, you can switch me to Reactive Mode. When this mode is on, I will only act on comments where you specifically mention me with New to Jules? Learn more at jules.google/docs. For security, I will only act on instructions from the user who triggered this task. |
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request successfully addresses a command injection vulnerability in the Docker Containers API by replacing shell-evaluating exec calls with execFile and introducing input validation for the id and action parameters. Additionally, a sentinel document was added to log this vulnerability and its prevention. The review feedback suggests improving error handling by adding the -f flag to the curl commands so that HTTP errors from the Docker daemon are correctly caught, and restricting the action parameter to an explicit allowlist of supported actions rather than a generic regular expression.
Important
The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.
| } | ||
|
|
||
| const { stdout } = await execAsync(`curl -s -X ${method} --unix-socket /var/run/docker.sock "${url}"`); | ||
| const { stdout } = await execFileAsync('curl', ['-s', '-X', method, '--unix-socket', '/var/run/docker.sock', url]); |
There was a problem hiding this comment.
Add the -f / --fail flag to the curl command. Without this flag, if the Docker daemon returns an HTTP error (e.g., 404 or 500), curl will still exit with code 0, and the API will return a 200 OK response with { success: true } to the frontend. Adding -f ensures that HTTP errors from the Docker daemon trigger a non-zero exit code, throwing an error that is correctly caught and returned as a 500 Internal Server Error.
| const { stdout } = await execFileAsync('curl', ['-s', '-X', method, '--unix-socket', '/var/run/docker.sock', url]); | |
| const { stdout } = await execFileAsync('curl', ['-s', '-f', '-X', method, '--unix-socket', '/var/run/docker.sock', url]); |
| export const GET: APIRoute = async () => { | ||
| try { | ||
| const { stdout } = await execAsync('curl -s --unix-socket /var/run/docker.sock http://localhost/containers/json?all=1'); | ||
| const { stdout } = await execFileAsync('curl', ['-s', '--unix-socket', '/var/run/docker.sock', 'http://localhost/containers/json?all=1']); |
There was a problem hiding this comment.
Add the -f / --fail flag to the curl command. By default, curl does not fail (returns exit code 0) when the HTTP server returns an error status code (4xx or 5xx). Adding -f ensures that curl exits with a non-zero code on HTTP errors, allowing the try-catch block to correctly catch the failure and fall back to the Docker CLI.
| const { stdout } = await execFileAsync('curl', ['-s', '--unix-socket', '/var/run/docker.sock', 'http://localhost/containers/json?all=1']); | |
| const { stdout } = await execFileAsync('curl', ['-s', '-f', '--unix-socket', '/var/run/docker.sock', 'http://localhost/containers/json?all=1']); |
| if (typeof action !== 'string' || !/^[a-zA-Z0-9_.-]+$/.test(action) || action.startsWith('-')) { | ||
| return new Response(JSON.stringify({ error: 'Invalid action format' }), { status: 400 }); | ||
| } |
There was a problem hiding this comment.
Instead of using a generic regular expression to validate the action parameter, restrict it to an explicit allowlist of supported actions (restart, stop, remove). This prevents unexpected or unsupported Docker API endpoints from being called and simplifies the validation logic.
| if (typeof action !== 'string' || !/^[a-zA-Z0-9_.-]+$/.test(action) || action.startsWith('-')) { | |
| return new Response(JSON.stringify({ error: 'Invalid action format' }), { status: 400 }); | |
| } | |
| if (typeof action !== 'string' || !['restart', 'stop', 'remove'].includes(action)) { | |
| return new Response(JSON.stringify({ error: 'Invalid action' }), { status: 400 }); | |
| } |
1 participant
Fixed a critical command injection vulnerability in
src/pages/api/docker/containers.tswhere user-provided input was directly interpolated into anexecAsynccommand. Refactored the code to useexecFileAsyncwhich directly invokes the executable without passing through a shell, preventing shell injection. Added strict regex validation to theidandactionparameters to ensure they only contain alphanumeric characters and don't start with a hyphen to prevent argument flag injection. Recorded the security learning in.jules/sentinel.md.PR created automatically by Jules for task 4912697378843172151 started by @bobdivx