From b4c4a6d94d20223ce45e904594bfd565925d9a79 Mon Sep 17 00:00:00 2001 From: "google-labs-jules[bot]" <161369871+google-labs-jules[bot]@users.noreply.github.com> Date: Sat, 28 Mar 2026 23:20:48 +0000 Subject: [PATCH] fix: Add security flags and timeouts to PDF compilation Added `-no-shell-escape` flags for `pdflatex` and `pandoc` in `CoverLetterGenerator` and `PDFConverter`. Added 30-second timeouts to all `subprocess.communicate()` calls for PDF generation to prevent hanging. Appended learning to `.jules/sentinel.md`. Co-authored-by: anchapin <6326294+anchapin@users.noreply.github.com> --- .jules/sentinel.md | 5 +++++ cli/generators/cover_letter_generator.py | 23 +++++++++++++++++++---- cli/pdf/converter.py | 23 +++++++++++++++++++---- 3 files changed, 43 insertions(+), 8 deletions(-) diff --git a/.jules/sentinel.md b/.jules/sentinel.md index 3a1d237..891bdfb 100644 --- a/.jules/sentinel.md +++ b/.jules/sentinel.md @@ -7,3 +7,8 @@ **Vulnerability:** The `CoverLetterGenerator` used a standard Jinja2 environment (intended for HTML/XML or plain text) to render LaTeX templates. This allowed malicious user input (or AI hallucinations) containing LaTeX control characters (e.g., `\input{...}`) to be injected directly into the LaTeX source, leading to potential Local File Inclusion (LFI) or other exploits. **Learning:** Jinja2's default `autoescape` is context-aware based on file extensions, but usually only for HTML/XML. It does NOT automatically escape LaTeX special characters. Relying on manual filters (like `| latex_escape`) in templates is error-prone and brittle, as developers might forget to apply them to every variable. **Prevention:** Always use a dedicated Jinja2 environment for LaTeX generation that enforces auto-escaping via a `finalize` hook (e.g., `tex_env.finalize = latex_escape`). This ensures *all* variable output is sanitized by default, providing defense-in-depth even if the template author forgets explicit filters. + +## 2025-02-19 - [Critical] RCE and DoS risks in PDF compilation +**Vulnerability:** The `CoverLetterGenerator` and `PDFConverter` were calling `pdflatex` and `pandoc` via `subprocess.Popen` without explicitly forbidding shell escape (`-no-shell-escape` flag for `pdflatex`, and `--pdf-engine-opt=-no-shell-escape` for `pandoc`). This could allow an attacker to achieve Remote Code Execution (RCE) by providing untrusted content that injects `\write18` into LaTeX templates. Additionally, the subprocess calls lacked a `timeout`, leading to potential Denial of Service (DoS) where maliciously crafted inputs could cause compilation loops indefinitely consuming CPU and hanging the process. +**Learning:** Default options for commands like `pdflatex` can be dangerous when handling potentially untrusted data. Furthermore, blocking calls to external subprocesses must always have a timeout. +**Prevention:** Always include the explicit `-no-shell-escape` flags (directly or via pandoc options) and a robust `timeout` using standard patterns (like the `TimeoutExpired` capture combined with `process.kill()` and `process.communicate()`) to prevent execution issues. diff --git a/cli/generators/cover_letter_generator.py b/cli/generators/cover_letter_generator.py index aaf0b61..4cdccba 100644 --- a/cli/generators/cover_letter_generator.py +++ b/cli/generators/cover_letter_generator.py @@ -771,12 +771,16 @@ def _compile_pdf(self, output_path: Path, tex_content: str) -> bool: try: # Use Popen with explicit cleanup to avoid double-free issues process = subprocess.Popen( - ["pdflatex", "-interaction=nonstopmode", tex_path.name], + ["pdflatex", "-interaction=nonstopmode", "-no-shell-escape", tex_path.name], stdout=subprocess.PIPE, stderr=subprocess.PIPE, cwd=tex_path.parent, ) - stdout, stderr = process.communicate() + try: + stdout, stderr = process.communicate(timeout=30) + except subprocess.TimeoutExpired: + process.kill() + stdout, stderr = process.communicate() if process.returncode == 0 or output_path.exists(): pdf_created = True except (subprocess.CalledProcessError, FileNotFoundError): @@ -787,11 +791,22 @@ def _compile_pdf(self, output_path: Path, tex_content: str) -> bool: # Fallback to pandoc try: process = subprocess.Popen( - ["pandoc", str(tex_path), "-o", str(output_path), "--pdf-engine=xelatex"], + [ + "pandoc", + str(tex_path), + "-o", + str(output_path), + "--pdf-engine=xelatex", + "--pdf-engine-opt=-no-shell-escape", + ], stdout=subprocess.PIPE, stderr=subprocess.PIPE, ) - stdout, stderr = process.communicate() + try: + stdout, stderr = process.communicate(timeout=30) + except subprocess.TimeoutExpired: + process.kill() + stdout, stderr = process.communicate() if process.returncode == 0 or output_path.exists(): pdf_created = True except (subprocess.CalledProcessError, FileNotFoundError): diff --git a/cli/pdf/converter.py b/cli/pdf/converter.py index 0b0a200..b02d55e 100644 --- a/cli/pdf/converter.py +++ b/cli/pdf/converter.py @@ -86,12 +86,16 @@ def _compile_pdflatex( """ try: process = subprocess.Popen( - ["pdflatex", "-interaction=nonstopmode", tex_path.name], + ["pdflatex", "-interaction=nonstopmode", "-no-shell-escape", tex_path.name], stdout=subprocess.PIPE, stderr=subprocess.PIPE, cwd=working_dir, ) - stdout, stderr = process.communicate() + try: + stdout, stderr = process.communicate(timeout=30) + except subprocess.TimeoutExpired: + process.kill() + stdout, stderr = process.communicate() if process.returncode == 0 or output_path.exists(): return True @@ -121,12 +125,23 @@ def _compile_pandoc( """ try: process = subprocess.Popen( - ["pandoc", str(tex_path), "-o", str(output_path), "--pdf-engine=xelatex"], + [ + "pandoc", + str(tex_path), + "-o", + str(output_path), + "--pdf-engine=xelatex", + "--pdf-engine-opt=-no-shell-escape", + ], stdout=subprocess.PIPE, stderr=subprocess.PIPE, cwd=working_dir, ) - stdout, stderr = process.communicate() + try: + stdout, stderr = process.communicate(timeout=30) + except subprocess.TimeoutExpired: + process.kill() + stdout, stderr = process.communicate() if process.returncode == 0 or output_path.exists(): return True