Files
nousresearch--hermes-agent/tests/tools/test_gnu_long_option_abbreviation_bypass.py
wehub-resource-sync b4fbd6fe9f
Deploy Site / deploy-vercel (push) Has been skipped
Deploy Site / deploy-docs (push) Has been skipped
Build Skills Index / build-index (push) Has been skipped
CI / Deny unrelated histories (push) Has been skipped
CI / Detect affected areas (push) Successful in 27m35s
CI / OSV scan (push) Failing after 4s
CI / Build&Test Docker image (push) Successful in 9s
CI / Supply-chain scan (push) Has been skipped
CI / Lint Docker scripts (push) Failing after 5m13s
CI / Check contributors (push) Failing after 12m8s
CI / Docs Site (push) Failing after 12m8s
CI / TypeScript (push) Failing after 12m8s
CI / Python lints (push) Failing after 12m9s
CI / Python tests (push) Failing after 12m9s
CI / Check uv.lock (push) Failing after 23m22s
CI / CI timing report (push) Has been cancelled
Build Skills Index / trigger-deploy (push) Has been cancelled
CI / All required checks pass (push) Has been cancelled
chore: import upstream snapshot with attribution
2026-07-13 11:56:03 +08:00

110 lines
4.2 KiB
Python

"""Tests for GNU long-option abbreviation bypass in DANGEROUS_PATTERNS.
GNU tools accept unique long-option prefix abbreviations at runtime
(e.g. ``chown --recur`` resolves to ``chown --recursive``). Two approval
patterns matched only the full flag name and could be evaded by passing a
valid abbreviation:
chown --recursive → --recur[a-z]*
git push --force → --forc[a-z]*
The other long-flag patterns (rm/chmod/sed) were already covered on every
abbreviation by sibling short-flag / target patterns, so this file only
asserts the two gaps that were genuinely open plus the relevant regression
guards.
"""
import pytest
from tools.approval import detect_dangerous_command
class TestChownRecursiveLongOptionAbbreviation:
"""chown --recur* abbreviations targeting root must be caught.
On main the bare ``--recur root`` form is caught only by an accidental
case-insensitive ``r`` → ``R`` overlap with the short-flag pattern; longer
abbreviations like ``--recurs``/``--recursi`` break that overlap and
slipped through before the prefix change.
"""
def test_chown_recursive_full_still_detected(self):
dangerous, _, desc = detect_dangerous_command("chown --recursive root /etc")
assert dangerous is True
assert "chown" in desc.lower() or "root" in desc.lower()
def test_chown_recur_root_detected(self):
dangerous, _, _ = detect_dangerous_command("chown --recur root /etc")
assert dangerous is True
def test_chown_recurs_root_detected(self):
dangerous, _, _ = detect_dangerous_command("chown --recurs root:root /var")
assert dangerous is True, "chown --recurs is a valid abbreviation of --recursive"
def test_chown_recursi_root_detected(self):
dangerous, _, _ = detect_dangerous_command("chown --recursi root /etc")
assert dangerous is True
def test_chown_recur_non_root_not_flagged(self):
"""--recur* chown to a non-root user must not be flagged."""
dangerous, _, _ = detect_dangerous_command("chown --recur nobody /opt/app")
assert dangerous is False
class TestGitPushForceLongOptionAbbreviation:
"""git push --forc* abbreviations must be caught.
The short ``-f`` pattern does not catch ``--forc`` (the ``\\b`` after the
``f`` does not match mid-word), so abbreviated long forms slipped through.
"""
def test_git_push_force_full_still_detected(self):
dangerous, _, desc = detect_dangerous_command("git push --force origin main")
assert dangerous is True
assert "force" in desc.lower()
def test_git_push_forc_abbreviation_detected(self):
dangerous, _, _ = detect_dangerous_command("git push --forc origin main")
assert dangerous is True, "git push --forc is a valid abbreviation of --force"
def test_git_push_forced_variant_detected(self):
dangerous, _, _ = detect_dangerous_command("git push --forced origin main")
assert dangerous is True
def test_git_push_force_with_lease_detected(self):
dangerous, _, _ = detect_dangerous_command(
"git push --force-with-lease origin main"
)
assert dangerous is True
def test_git_push_short_f_still_detected(self):
"""Existing -f pattern must not regress."""
dangerous, _, _ = detect_dangerous_command("git push -f origin main")
assert dangerous is True
def test_git_push_no_force_not_flagged(self):
dangerous, _, _ = detect_dangerous_command("git push origin main")
assert dangerous is False
def test_git_push_set_upstream_not_flagged(self):
dangerous, _, _ = detect_dangerous_command(
"git push --set-upstream origin feature"
)
assert dangerous is False
class TestFullFormRegressions:
"""The two changed long-flag patterns must still detect their full form."""
@pytest.mark.parametrize(
"cmd",
[
"chown --recursive root /etc",
"git push --force origin main",
],
)
def test_full_form_still_detected(self, cmd):
dangerous, key, _ = detect_dangerous_command(cmd)
assert dangerous is True, f"Full-form long flag not detected in: {cmd!r}"
assert key is not None