fix(core): avoid spawning cmd for Windows prompt env #34

Open
BunsDev wants to merge 1 commit into main from codex/fix-windows-env-prompt-vulnerability

@BunsDev BunsDev commented Jun 3, 2026

Motivation

  • Prevent untrusted-executable search-path hijacking by removing Command::new("cmd").args(["/c","ver"]) from system-prompt assembly, which ran during normal request preparation.
  • Preserve intent: still report a Windows identifier and architecture for the prompt without executing repository-controlled binaries.

Description

  • Replace the Windows branch in build_env_info_section (src-rust/crates/core/src/system_prompt.rs) to read OS and PROCESSOR_ARCHITECTURE environment variables instead of spawning cmd /c ver.
  • Keep POSIX behavior unchanged: non-Windows platforms still run uname -s -r to obtain an OS version string.
  • Avoid any tool/command execution while assembling the system prompt so the prompt assembly remains free of repository-sourced process spawns.

Testing

  • Confirmed removal by running the search: rg 'Command::new\("cmd"\)|cmd"\)\s*\.args\(\["/c", "ver"\]\)' src-rust/crates/core/src/system_prompt.rs src-rust/crates/query/src/lib.rs, which returned no matches.
  • Attempted cargo check --workspace which failed due to the container missing system development packages (alsa.pc for alsa-sys) and thus the workspace could not be fully checked.
  • Ran timeout 180 cargo check --package claurst-core --lib which timed out while compiling dependencies (external crates like openssl-sys), so full crate check could not complete within this environment.
  • Ran rustfmt --check crates/core/src/system_prompt.rs and observed it failed because of pre-existing formatting differences elsewhere in the file unrelated to the security change.

Codex Task
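
An added example, not code from this pull request: one way to build the Windows identifier for the prompt from OS and PROCESSOR_ARCHITECTURE without any child process. The helper names, the "Windows" fallback, the std::env::consts::ARCH fallback and the character allow-list are assumptions made for illustration.

```rust
use std::env::consts;

/// Accept only short, identifier-like values so that an inherited
/// environment variable cannot carry arbitrary text into the prompt.
/// (Assumed policy: ASCII alphanumerics plus '_', '-', '.', ' ', max 64 bytes.)
fn clean(raw: Option<String>) -> Option<String> {
    let value = raw?;
    let value = value.trim();
    let ok = !value.is_empty()
        && value.len() <= 64
        && value
            .chars()
            .all(|c| c.is_ascii_alphanumeric() || matches!(c, '_' | '-' | '.' | ' '));
    if ok {
        Some(value.to_string())
    } else {
        None
    }
}

/// Hypothetical helper: produces the "OS arch" label from a lookup function.
/// The lookup is injected so the logic can be exercised on any platform;
/// production code would pass `|k| std::env::var(k).ok()`.
fn windows_env_line<F: Fn(&str) -> Option<String>>(lookup: F) -> String {
    // Fallbacks are compile-time constants, never the output of a spawned tool.
    let os = clean(lookup("OS")).unwrap_or_else(|| "Windows".to_string());
    let arch = clean(lookup("PROCESSOR_ARCHITECTURE"))
        .unwrap_or_else(|| consts::ARCH.to_string());
    format!("{} {}", os, arch)
}

fn main() {
    // Reads the real process environment; no Command::new on this path,
    // so nothing in the current working directory is ever executed.
    let line = windows_env_line(|k| std::env::var(k).ok());
    println!("OS Version: {}", line);
}
```
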

Copilot AI review requested due to automatic review settings June 3, 2026 12:00

Copilot AI left a comment

Pull request overview

This PR hardens system-prompt environment info generation on Windows by removing a cmd /c ver process spawn during prompt assembly, reducing exposure to search-path hijacking from an untrusted working directory.

Changes:

  • Replaces the Windows OS-version detection logic in build_env_info_section with environment-variable reads (OS, PROCESSOR_ARCHITECTURE) instead of spawning cmd /c ver.
  • Keeps non-Windows behavior unchanged (still runs uname -s -r for the OS version string).

Comment on lines +355 to +359
// Avoid spawning command processors while constructing the prompt:
// the current working directory may be an untrusted repository.
let os_name = std::env::var("OS")
.ok()
.map(|s| s.trim().to_string())
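
Review bot: the value read by std::env::var("OS") is only trimmed in the lines shown, so a variable that is set but blank yields Some("") and a value with embedded newlines or long text would pass through to the prompt unchanged. Suggest following the .map(...) with .filter(|s| !s.is_empty()) and limiting the value to a short identifier-like character set before it is formatted into the prompt, since the environment is inherited from whatever launched the process. A short comment stating the fallback used when OS is unset would also help, as the excerpt ends before any fallback is visible.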