Skip to content

Commit 35b88fc

Browse files
RunDevelopmentRunDevelopment
authored
Shell-session: Fixed command false positives (#3048)
* Shell-session: Fixed command false positives * Fixed comments and `<` characters
1 parent 4f97b82 commit 35b88fc

File tree

5 files changed

+181
-7
lines changed

5 files changed

+181
-7
lines changed

components/prism-shell-session.js

+14-3
Original file line numberDiff line numberDiff line change
@@ -18,11 +18,22 @@
1818
'command': {
1919
pattern: RegExp(
2020
// user info
21-
/^(?:[^\s@:$#%*!/\\]+@[^\r\n@:$#%*!/\\]+(?::[^\0-\x1F$#%*?"<>:;|]+)?|[^\0-\x1F$#%*?"<>@:;|]+)?/.source +
21+
/^/.source +
22+
'(?:' +
23+
(
24+
// <user> ":" ( <path> )?
25+
/[^\s@:$#%*!/\\]+@[^\r\n@:$#%*!/\\]+(?::[^\0-\x1F$#%*?"<>:;|]+)?/.source +
26+
'|' +
27+
// <path>
28+
// Since the path pattern is quite general, we will require it to start with a special character to
29+
// prevent false positives.
30+
/[/~.][^\0-\x1F$#%*?"<>@:;|]*/.source
31+
) +
32+
')?' +
2233
// shell symbol
23-
/[$#%]/.source +
34+
/[$#%](?=\s)/.source +
2435
// bash command
25-
/(?:[^\\\r\n'"<$]|\\(?:[^\r]|\r\n?)|\$(?!')|<<str>>)+/.source.replace(/<<str>>/g, function () { return strings; }),
36+
/(?:[^\\\r\n \t'"<$]|[ \t](?:(?!#)|#.*$)|\\(?:[^\r]|\r\n?)|\$(?!')|<(?!<)|<<str>>)+/.source.replace(/<<str>>/g, function () { return strings; }),
2637
'm'
2738
),
2839
greedy: true,

components/prism-shell-session.min.js

+1-1
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

tests/languages/shell-session/command_string_feature.test

+27-3
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,9 @@ $ cat << "EOF" > /etc/ipsec.secrets
2121
# : RSA vpn-server-b.key
2222
EOF
2323

24+
$ LC_ALL=C tr -cd 'a-zA-Z0-9_-;:!?.@\\*/#%$' < /dev/random | head -c 8
25+
y_#!$U48
26+
2427
----------------------------------------------------
2528

2629
[
@@ -64,10 +67,10 @@ EOF
6467
["builtin", "echo"],
6568
["punctuation", "\\"],
6669
"'a ",
67-
["comment", "# "]
70+
["comment", "# '"]
6871
]]
6972
]],
70-
["output", "'\r\n\r\n"],
73+
7174
["command", [
7275
["shell-symbol", "$"],
7376
["bash", [
@@ -83,7 +86,28 @@ EOF
8386
"\r\n: RSA vpn-server-a.key\r\n# : RSA vpn-server-b.key\r\nEOF"
8487
]]
8588
]]
86-
]]
89+
]],
90+
91+
["command", [
92+
["shell-symbol", "$"],
93+
["bash", [
94+
["assign-left", [
95+
["environment", "LC_ALL"]
96+
]],
97+
["operator", ["="]],
98+
"C ",
99+
["function", "tr"],
100+
" -cd ",
101+
["string", "'a-zA-Z0-9_-;:!?.@\\\\*/#%$'"],
102+
["operator", ["<"]],
103+
" /dev/random ",
104+
["operator", ["|"]],
105+
["function", "head"],
106+
" -c ",
107+
["number", "8"]
108+
]]
109+
]],
110+
["output", "y_#!$U48"]
87111
]
88112

89113
----------------------------------------------------

tests/languages/shell-session/issue3047_1.test

+96
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,96 @@
1+
$ diskutil list
2+
/dev/disk0 (internal, physical):
3+
#: TYPE NAME SIZE IDENTIFIER
4+
0: GUID_partition_scheme *500.3 GB disk0
5+
1: EFI EFI 209.7 MB disk0s1
6+
2: Apple_APFS Container disk1 500.1 GB disk0s2
7+
8+
/dev/disk1 (synthesized):
9+
#: TYPE NAME SIZE IDENTIFIER
10+
0: APFS Container Scheme - +500.1 GB disk1
11+
Physical Store disk0s2
12+
1: APFS Volume Macintosh HD - Data 340.9 GB disk1s1
13+
2: APFS Volume Preboot 85.9 MB disk1s2
14+
3: APFS Volume Recovery 529.0 MB disk1s3
15+
4: APFS Volume VM 3.2 GB disk1s4
16+
5: APFS Volume Macintosh HD 11.3 GB disk1s5
17+
18+
/dev/disk2 (internal, physical):
19+
#: TYPE NAME SIZE IDENTIFIER
20+
0: FDisk_partition_scheme *15.9 GB disk2
21+
1: Windows_FAT_32 boot 268.4 MB disk2s1
22+
2: Linux 15.7 GB disk2s2
23+
24+
$ sudo diskutil unmount /dev/diskn
25+
disk2 was already unmounted or it has a partitioning scheme so use "diskutil unmountDisk" instead
26+
27+
$ sudo diskutil unmountDisk /dev/diskn (if previous step fails)
28+
Unmount of all volumes on disk2 was successful
29+
30+
$ sudo dd bs=1m if=$HOME/Downloads/tails-amd64-4.18.img of=/dev/rdiskn
31+
1131+0 records in
32+
1131+0 records out
33+
1185939456 bytes transferred in 44.708618 secs (26525970 bytes/sec)
34+
35+
$ sudo diskutil unmountDisk /dev/diskn
36+
Unmount of all volumes on disk2 was successful
37+
38+
----------------------------------------------------
39+
40+
[
41+
["command", [
42+
["shell-symbol", "$"],
43+
["bash", ["diskutil list"]]
44+
]],
45+
46+
["output", "/dev/disk0 (internal, physical):\r\n #: TYPE NAME SIZE IDENTIFIER\r\n 0: GUID_partition_scheme *500.3 GB disk0\r\n 1: EFI EFI 209.7 MB disk0s1\r\n 2: Apple_APFS Container disk1 500.1 GB disk0s2\r\n\r\n/dev/disk1 (synthesized):\r\n #: TYPE NAME SIZE IDENTIFIER\r\n 0: APFS Container Scheme - +500.1 GB disk1\r\n Physical Store disk0s2\r\n 1: APFS Volume Macintosh HD - Data 340.9 GB disk1s1\r\n 2: APFS Volume Preboot 85.9 MB disk1s2\r\n 3: APFS Volume Recovery 529.0 MB disk1s3\r\n 4: APFS Volume VM 3.2 GB disk1s4\r\n 5: APFS Volume Macintosh HD 11.3 GB disk1s5\r\n\r\n/dev/disk2 (internal, physical):\r\n #: TYPE NAME SIZE IDENTIFIER\r\n 0: FDisk_partition_scheme *15.9 GB disk2\r\n 1: Windows_FAT_32 boot 268.4 MB disk2s1\r\n 2: Linux 15.7 GB disk2s2\r\n\r\n"],
47+
["command", [
48+
["shell-symbol", "$"],
49+
["bash", [
50+
["function", "sudo"],
51+
" diskutil unmount /dev/diskn"
52+
]]
53+
]],
54+
55+
["output", "disk2 was already unmounted or it has a partitioning scheme so use \"diskutil unmountDisk\" instead\r\n\r\n"],
56+
["command", [
57+
["shell-symbol", "$"],
58+
["bash", [
59+
["function", "sudo"],
60+
" diskutil unmountDisk /dev/diskn ",
61+
["punctuation", "("],
62+
"if previous step fails",
63+
["punctuation", ")"]
64+
]]
65+
]],
66+
67+
["output", "Unmount of all volumes on disk2 was successful\r\n\r\n"],
68+
["command", [
69+
["shell-symbol", "$"],
70+
["bash", [
71+
["function", "sudo"],
72+
["function", "dd"],
73+
["assign-left", ["bs"]],
74+
["operator", ["="]],
75+
"1m ",
76+
["assign-left", ["if"]],
77+
["operator", ["="]],
78+
["environment", "$HOME"],
79+
"/Downloads/tails-amd64-4.18.img ",
80+
["assign-left", ["of"]],
81+
["operator", ["="]],
82+
"/dev/rdiskn"
83+
]]
84+
]],
85+
86+
["output", "1131+0 records in\r\n1131+0 records out\r\n1185939456 bytes transferred in 44.708618 secs (26525970 bytes/sec)\r\n\r\n"],
87+
["command", [
88+
["shell-symbol", "$"],
89+
["bash", [
90+
["function", "sudo"],
91+
" diskutil unmountDisk /dev/diskn"
92+
]]
93+
]],
94+
95+
["output", "Unmount of all volumes on disk2 was successful"]
96+
]

tests/languages/shell-session/issue3047_2.test

+43
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,43 @@
1+
$ gpg --card-status
2+
Reader ...........: Yubico YubiKey CCID
3+
Application ID ...: D*******************************
4+
Application type .: OpenPGP
5+
Version ..........: 0.0
6+
Manufacturer .....: Yubico
7+
Serial number ....: 1*******
8+
Name of cardholder: John Doe
9+
Language prefs ...: en
10+
Salutation .......:
11+
URL of public key : [not set]
12+
Login data .......: john@example.net
13+
Signature PIN ....: not forced
14+
Key attributes ...: ed25519 cv25519 ed25519
15+
Max. PIN lengths .: 127 127 127
16+
PIN retry counter : 3 0 3
17+
Signature counter : 0
18+
KDF setting ......: off
19+
UIF setting ......: Sign=on Decrypt=on Auth=on
20+
Signature key ....: ACE1 3F15 90C1 A8C9 D942 51E3 02ED C61B 6543 509B
21+
created ....: 2021-07-21 18:44:34
22+
Encryption key....: 0524 00F4 8E1D 085A F3E1 61EC D463 4E0D 6E2D D8BF
23+
created ....: 2021-07-21 18:44:52
24+
Authentication key: A27B 582F 1F62 03BA 549B 3D44 1E7B 69B2 38FF A21B
25+
created ....: 2021-07-21 18:45:13
26+
General key info..: sub ed25519/0x02EDC61B6543509B 2021-07-21 John Doe <john@example.net>
27+
sec# ed25519/0xC2709D13BAB4763C created: 2021-07-21 expires: never
28+
ssb> ed25519/0x02EDC61B6543509B created: 2021-07-21 expires: 2022-07-21
29+
card-no: 0006 1*******
30+
ssb> cv25519/0xD4634E0D6E2DD8BF created: 2021-07-21 expires: 2022-07-21
31+
card-no: 0006 1*******
32+
ssb> ed25519/0x1E7B69B238FFA21B created: 2021-07-21 expires: 2022-07-21
33+
card-no: 0006 1*******
34+
35+
----------------------------------------------------
36+
37+
[
38+
["command", [
39+
["shell-symbol", "$"],
40+
["bash", ["gpg --card-status"]]
41+
]],
42+
["output", "Reader ...........: Yubico YubiKey CCID\r\nApplication ID ...: D*******************************\r\nApplication type .: OpenPGP\r\nVersion ..........: 0.0\r\nManufacturer .....: Yubico\r\nSerial number ....: 1*******\r\nName of cardholder: John Doe\r\nLanguage prefs ...: en\r\nSalutation .......:\r\nURL of public key : [not set]\r\nLogin data .......: john@example.net\r\nSignature PIN ....: not forced\r\nKey attributes ...: ed25519 cv25519 ed25519\r\nMax. PIN lengths .: 127 127 127\r\nPIN retry counter : 3 0 3\r\nSignature counter : 0\r\nKDF setting ......: off\r\nUIF setting ......: Sign=on Decrypt=on Auth=on\r\nSignature key ....: ACE1 3F15 90C1 A8C9 D942 51E3 02ED C61B 6543 509B\r\n created ....: 2021-07-21 18:44:34\r\nEncryption key....: 0524 00F4 8E1D 085A F3E1 61EC D463 4E0D 6E2D D8BF\r\n created ....: 2021-07-21 18:44:52\r\nAuthentication key: A27B 582F 1F62 03BA 549B 3D44 1E7B 69B2 38FF A21B\r\n created ....: 2021-07-21 18:45:13\r\nGeneral key info..: sub ed25519/0x02EDC61B6543509B 2021-07-21 John Doe <john@example.net>\r\nsec# ed25519/0xC2709D13BAB4763C created: 2021-07-21 expires: never\r\nssb> ed25519/0x02EDC61B6543509B created: 2021-07-21 expires: 2022-07-21\r\n card-no: 0006 1*******\r\nssb> cv25519/0xD4634E0D6E2DD8BF created: 2021-07-21 expires: 2022-07-21\r\n card-no: 0006 1*******\r\nssb> ed25519/0x1E7B69B238FFA21B created: 2021-07-21 expires: 2022-07-21\r\n card-no: 0006 1*******"]
43+
]

0 commit comments

Comments
 (0)