From e47accaf5908d625951a796ef4af1369e6f90723 Mon Sep 17 00:00:00 2001
From: dttdrv <154076940+dttdrv@users.noreply.github.com>
Date: Wed, 1 Apr 2026 04:55:58 +0000
Subject: [PATCH] =?UTF-8?q?=F0=9F=9B=A1=EF=B8=8F=20Sentinel:=20[CRITICAL]?= =?UTF-8?q?=20Fix=20Command=20Option=20Injection?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Add validation to `backend/src/services/compileQueue.ts` to reject `mainFile` inputs starting with a hyphen. This prevents arbitrary options from being injected into the latexmk execution within the compile worker.
---
 .jules/sentinel.md | 5 +++++
 backend/src/services/compileQueue.ts | 3 +++
 2 files changed, 8 insertions(+)

diff --git a/.jules/sentinel.md b/.jules/sentinel.md
index e0fa46b..57f524b 100644
--- a/.jules/sentinel.md
+++ b/.jules/sentinel.md
@@ -2,3 +2,8 @@
 **Vulnerability:** API endpoints in `backend/src/server.ts` taking user input (`projectId`, `jobId`) were directly joined with paths using `join` in `backend/src/store/localStore.ts` without proper sanitization. This allowed attackers to escape the project directory context and overwrite or read arbitrary files by sending payload containing `../` sequences.
 **Learning:** Even internal backend services handling project resources must securely sanitize all parameter values used for file operations to prevent path traversal outside expected boundaries.
 **Prevention:** Always use safe path sanitization utilities, like the implemented `safeJoin` and `toSafeRelativePath` in `backend/src/utils/path.ts`, to securely construct file paths and ensure the final path remains within the intended boundaries.
+
+## 2024-05-24 - [Command Option Injection in Rust Worker]
+**Vulnerability:** The `mainFile` input provided in `backend/src/services/compileQueue.ts` was passed directly to the `latexmk` command within the Rust worker without validation. This allowed an attacker to start the string with a hyphen (`-`), executing malicious options such as `-shell-escape`.
+**Learning:** Command arguments dynamically generated from user input and passed natively (e.g. via Node.js `spawn` or Rust's `Command::new`) are vulnerable to Command Option Injection (also known as Flag Injection) if they are supposed to be positional parameters (like a filename) but start with a dash.
+**Prevention:** Explicitly validate and reject user-provided arguments intended as positional inputs if they begin with a hyphen (`-`).
diff --git a/backend/src/services/compileQueue.ts b/backend/src/services/compileQueue.ts
index ed1a3e6..abfdd82 100644
--- a/backend/src/services/compileQueue.ts
+++ b/backend/src/services/compileQueue.ts
@@ -101,6 +101,9 @@ export class CompileQueueService { const settings = await this.store.getSettings(); const projectId = request.projectId.trim(); const mainFile = request.mainFile?.trim() || "main.tex"; + if (mainFile.startsWith("-")) { + throw new HttpError(400, "mainFile cannot start with a hyphen."); + } const timeoutMs = request.timeoutMs ?? settings.compileTimeoutMs; const jobId = createId("job");
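Review bot: The added `mainFile.startsWith("-")` check is the only barrier between a user-supplied file name and the latexmk argument list, and it sits in the queue service rather than where the command is built, so any other path that hands a job to the worker bypasses it. I would keep the check but document it as defence in depth, e.g. `// Rejects option-like names early; the worker must still pass mainFile as an explicit path (./<mainFile>) so it can never be parsed as a flag.`, and make the matching change in the worker, which is not part of this patch. The value is otherwise only trimmed, so if it is later joined onto the project directory it should go through the existing `toSafeRelativePath` helper in `backend/src/utils/path.ts`; whether that already happens downstream is not visible here. The diffstat lists no test file, so a regression test asserting a 400 for a name such as `-x.tex` would be worth adding. The enclosing method begins and ends outside the hunk.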