-
Notifications
You must be signed in to change notification settings - Fork 4
Open
Description
Issues Fixed
-
tool_list_files() function:
- Fixed command injection vulnerability caused by string concatenation to build find command arguments
- Changed to use array parameter passing, completely eliminating injection risks
-
tool_shell() function:
- Fixed inaccurate exit code capture after command execution (original code used || true causing all commands to return success)
- Added mechanism to save and restore errexit (set -e) option
- Set standard 124 exit code for timeout situations
Testing Enhancements
- Improved tool_shell exit code capture test, verifying that "exit 42" returns 42
- Added tool_shell timeout test, verifying that timed out commands return 124
- All 47 tests pass successfully
Reactions are currently unavailable
Metadata
Metadata
Assignees
Labels
No labels