🛡️ Sentinel: [HIGH] Fix LaTeX injection via optional arguments#146
🛡️ Sentinel: [HIGH] Fix LaTeX injection via optional arguments#146
Conversation
…ection
- Updated `cli/utils/template_filters.py` to escape `[` as `{[}` and `]` as `{]}`.
- Updated `resume_pdf_lib/generator.py` to escape `[` and `]` similarly.
- Added `tests/test_bracket_escape.py` to verify bracket escaping.
- Updated `tests/test_template_generator.py` to assert that brackets are escaped.
- Added entry to `.jules/sentinel.md` documenting the vulnerability and fix.
This prevents attackers from injecting LaTeX commands via optional arguments (e.g., `\item[...]`) if user input is used in such contexts.
Co-authored-by: anchapin <6326294+anchapin@users.noreply.github.com>
|
👋 Jules, reporting for duty! I'm here to lend a hand with this pull request. When you start a review, I'll add a 👀 emoji to each comment to let you know I've read it. I'll focus on feedback directed at me and will do my best to stay out of conversations between you and other bots or reviewers to keep the noise down. I'll push a commit with your requested changes shortly after. Please note there might be a delay between these steps, but rest assured I'm on the job! For more direct control, you can switch me to Reactive Mode. When this mode is on, I will only act on comments where you specifically mention me with New to Jules? Learn more at jules.google/docs. For security, I will only act on instructions from the user who triggered this task. |
![sourcery-ai[bot]](https://avatars.githubusercontent.com/in/48477?s=60&v=4){kind=small}
…ection
- Updated `cli/utils/template_filters.py` to escape `[` as `{[}` and `]` as `{]}`.
- Updated `resume_pdf_lib/generator.py` to escape `[` and `]` similarly.
- Added `tests/test_bracket_escape.py` to verify bracket escaping.
- Updated `tests/test_template_generator.py` to assert that brackets are escaped.
- Added entry to `.jules/sentinel.md` documenting the vulnerability and fix.
This prevents attackers from injecting LaTeX commands via optional arguments (e.g., `\item[...]`) if user input is used in such contexts.
Co-authored-by: anchapin <6326294+anchapin@users.noreply.github.com>
…ection
- Updated `cli/utils/template_filters.py` to escape `[` as `{[}` and `]` as `{]}`.
- Updated `resume_pdf_lib/generator.py` to escape `[` and `]` similarly.
- Added `tests/test_bracket_escape.py` to verify bracket escaping.
- Updated `tests/test_template_generator.py` to assert that brackets are escaped.
- Added entry to `.jules/sentinel.md` documenting the vulnerability and fix.
This prevents attackers from injecting LaTeX commands via optional arguments (e.g., `\item[...]`) if user input is used in such contexts.
Co-authored-by: anchapin <6326294+anchapin@users.noreply.github.com>
1 participant
Identified a high-severity potential vulnerability where user input containing square brackets
[and]was not properly escaped in LaTeX templates. This could allow attackers to inject arbitrary LaTeX commands if the input is used in an optional argument context (e.g.,\item[user_input]).Fixed the issue by updating the
latex_escapeutility function in bothcli/utils/template_filters.pyandresume_pdf_lib/generator.pyto escape[as{[}and]as{]}. This neutralizes their syntactic meaning while preserving their visual rendering.Added comprehensive tests to verify the fix and prevent regressions.
PR created automatically by Jules for task 16677025807093337733 started by @anchapin