Security Fix for Command Injection - huntr.dev

[huntr-helper]

https://huntr.dev/users/mufeedvh has fixed the Command Injection vulnerability 🔨. mufeedvh has been awarded $25 for fixing the vulnerability through the huntr bug bounty program 💵. Think you could fix a vulnerability like this?

Get involved at https://huntr.dev/

Q | A
Version Affected | ALL
Bug Fix | YES
Original Pull Request | 418sec#1
Vulnerability README | https://github.com/418sec/huntr/blob/master/bounties/npm/fsa/1/README.md

User Comments:

📊 Metadata *

Bounty URL: https://www.huntr.dev/bounties/1-npm-fsa

⚙️ Description *

The package fsa was vulnerable to Command Injection due to the usage of exec() function.

💻 Technical Description *

It is not recommended to use the function exec() without sanitizing/escaping the input as an attacker can concatenate arbitrary commands. The usage of exec() has been replaced with execFile().

🐛 Proof of Concept (PoC) *

var root = require("./index");
var attack_code = "& touch Song";
var dir = "./";
var options= {};
root.rep.execGitCommand(attack_code,dir,options,function(){});

🔥 Proof of Fix (PoF) *

👍 User Acceptance Testing (UAT)

All OK 👍