From f9beeeb7daaea794c869b2f11a2ea4f022bf337c Mon Sep 17 00:00:00 2001
From: dttdrv <154076940+dttdrv@users.noreply.github.com>
Date: Thu, 26 Mar 2026 05:50:55 +0000
Subject: [PATCH] =?UTF-8?q?=F0=9F=9B=A1=EF=B8=8F=20Sentinel:=20[CRITICAL]?=
 =?UTF-8?q?=20Fix=20Command=20Option=20Injection=20in=20compilation=20work?=
 =?UTF-8?q?er?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This patch ensures that user-provided `mainFile` values in the compilation queue cannot start with a hyphen (`-`). This prevents Command Option Injection attacks where a malicious user could pass options (like `-shell-escape`) to the `latexmk` external command spawned by the Rust compilation worker.
---
 .jules/sentinel.md                   | 5 +++++
 backend/src/services/compileQueue.ts | 5 +++++
 2 files changed, 10 insertions(+)

diff --git a/.jules/sentinel.md b/.jules/sentinel.md
index e0fa46b..2eca185 100644
--- a/.jules/sentinel.md
+++ b/.jules/sentinel.md
@@ -2,3 +2,8 @@
 **Vulnerability:** API endpoints in `backend/src/server.ts` taking user input (`projectId`, `jobId`) were directly joined with paths using `join` in `backend/src/store/localStore.ts` without proper sanitization. This allowed attackers to escape the project directory context and overwrite or read arbitrary files by sending payload containing `../` sequences.
 **Learning:** Even internal backend services handling project resources must securely sanitize all parameter values used for file operations to prevent path traversal outside expected boundaries.
 **Prevention:** Always use safe path sanitization utilities, like the implemented `safeJoin` and `toSafeRelativePath` in `backend/src/utils/path.ts`, to securely construct file paths and ensure the final path remains within the intended boundaries.
+
+## 2025-02-18 - [Command Option Injection in Compilation Worker]
+**Vulnerability:** The `mainFile` parameter in `backend/src/services/compileQueue.ts` was not validated to ensure it didn't start with a hyphen (`-`). This allowed an attacker to inject command options (e.g., `-shell-escape`) to the `latexmk` command spawned by the Rust compile worker, leading to potential command execution or server compromise.
+**Learning:** Always validate user-provided input that is passed as positional arguments to external commands or processes, explicitly rejecting inputs that look like options/flags (starting with `-` or `--`).
+**Prevention:** Explicitly reject `mainFile` values starting with a hyphen in the compilation queue service before they reach the compile worker.
diff --git a/backend/src/services/compileQueue.ts b/backend/src/services/compileQueue.ts
index ed1a3e6..6d84cf5 100644
--- a/backend/src/services/compileQueue.ts
+++ b/backend/src/services/compileQueue.ts
@@ -104,6 +104,11 @@ export class CompileQueueService {
     const timeoutMs = request.timeoutMs ?? settings.compileTimeoutMs;
     const jobId = createId("job");
 
+    // 🛡️ Sentinel: Prevent command option injection (e.g., -shell-escape)
+    if (mainFile.startsWith("-")) {
+      throw new HttpError(400, "mainFile cannot start with a hyphen.");
+    }
+
     if (this.queue.length >= MAX_QUEUE_ITEMS) {
       throw new HttpError(429, "Compile queue is full.");
     }