Importance of input validation


All forms of input to an application need to be validated, whether to warn a user about a suspicious typo or for security reasons. The easiest form of validation is probably that of integers, i.e. the input may consist of nothing but the digits 0-9. Among the more difficult and complex validations is anything that involves file handling, especially when several different formats are accepted as input.

GitPython is a Python library used to interact with git repositories. One of its methods is "clone_from" (image below).

[Image: the clone_from method signature]


The first input parameter is a URL (a string). If this parameter is not validated, it can be used to execute shell commands (remote code execution), which makes the missing validation a serious vulnerability. More info about the vulnerability: CVE-2022-24439.
The example below shows how this can be used.

from git import Repo
myRepo = Repo.init('', bare=True)
# The "ext::" prefix is not a URL but git's external remote helper, which runs the rest of the
# string as a command. "% " is passed through as a literal space inside a single argument, so
# sh -c receives "cat /etc/shadow > /tmp/aba" as one command. Git disables the ext helper by
# default; the -c protocol.ext.allow=always option passed via multi_options re-enables it.
myRepo.clone_from('ext::sh -c cat% /etc/shadow% >% /tmp/aba', 'something', multi_options=["-c protocol.ext.allow=always"])

As you can see, when this command executes it copies the shadow file to a less restrictive location, "/tmp/aba", where it can be read by a non-root user.
So always keep in mind to validate the input, which is easier said than done.
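What such validation can look like for this case, as an added example that is not GitPython's own fix: an allow-list check on the URL string before it ever reaches clone_from. The allowed transports (https, ssh, git and scp-like user@host:path) and the rejection of local paths are assumptions for this example.

```python
import re
from urllib.parse import urlsplit

# Transports this example allows. Anything of the form "<helper>::..." (ext::, fd::, ...)
# is a git remote-helper invocation rather than a URL and is rejected outright.
ALLOWED_SCHEMES = {"https", "ssh", "git"}

# "<helper>::" prefix, e.g. "ext::sh -c ..."
_REMOTE_HELPER = re.compile(r"^[A-Za-z0-9_-]+::")

# scp-like syntax: [user@]host:path, restricted to DNS/path characters.
_SCP_LIKE = re.compile(r"^(?:[A-Za-z0-9._-]+@)?[A-Za-z0-9.-]+:[A-Za-z0-9._/-]+$")


def is_safe_git_url(url: str) -> bool:
    """Return True only if url uses an allow-listed transport.

    Assumed policy for this example: no local paths, no remote helpers,
    no whitespace or control characters, no leading '-' (would be read
    as an option by git).
    """
    if not isinstance(url, str) or not url or len(url) > 2048:
        return False
    if _REMOTE_HELPER.match(url):
        return False
    if any(ch.isspace() or ord(ch) < 0x20 for ch in url):
        return False
    if url.startswith("-"):
        return False
    parts = urlsplit(url)
    if parts.scheme:
        # A real URL: scheme must be allow-listed and a host must be present.
        return parts.scheme.lower() in ALLOWED_SCHEMES and bool(parts.netloc)
    # No scheme: only the scp-like form is accepted; bare local paths are not.
    return bool(_SCP_LIKE.match(url))


if __name__ == "__main__":
    # Constructed sample inputs: the payload from the post and a few benign URLs.
    for candidate in (
        "ext::sh -c cat% /etc/shadow% >% /tmp/aba",
        "https://github.com/gitpython-developers/GitPython",
        "git@example.com:org/repo.git",
    ):
        print(f"{candidate!r}: {'allowed' if is_safe_git_url(candidate) else 'rejected'}")
```

Call the check before Repo.clone_from and never let callers supply multi_options, since "-c protocol.ext.allow=always" is what re-enables the helper in the first place.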
