The grep tool bypassed the sensitive-file deny-list that read_file, write_file, and edit_file all respect. Two code paths fixed: 1. ripgrep path: adds --glob exclusion patterns for each entry in _SENSITIVE_FILE_PATTERNS (id_rsa, known_hosts, authorized_keys, etc.) 2. Pure-Python os.walk fallback: checks _is_sensitive_path() before opening each file, skipping files that match the deny-list Fixes #5011 Co-authored-by: michaelxer <michaelxer@users.noreply.github.com>
This commit is contained in:
parent
41420c59fc
commit
3d75fad52f
1 changed files with 11 additions and 1 deletions
|
|
@ -348,7 +348,13 @@ class GlobTool:
|
|||
|
||||
class GrepTool:
|
||||
async def execute(self, content: str, ctx: dict) -> dict:
|
||||
from src.tool_execution import _resolve_tool_path, _resolve_search_root, _truncate
|
||||
from src.tool_execution import (
|
||||
_SENSITIVE_FILE_PATTERNS,
|
||||
_is_sensitive_path,
|
||||
_resolve_tool_path,
|
||||
_resolve_search_root,
|
||||
_truncate,
|
||||
)
|
||||
args: Dict[str, Any] = {}
|
||||
_s = (content or "").strip()
|
||||
if _s.startswith("{"):
|
||||
|
|
@ -384,6 +390,8 @@ class GrepTool:
|
|||
cmd.append("--ignore-case")
|
||||
if glob_pat:
|
||||
cmd += ["--glob", glob_pat]
|
||||
for _pat in _SENSITIVE_FILE_PATTERNS:
|
||||
cmd += ["--glob", f"!*{_pat}*"]
|
||||
for _d in _CODENAV_SKIP_DIRS:
|
||||
cmd += ["--glob", f"!**/{_d}/**"]
|
||||
cmd += ["--regexp", pattern, root]
|
||||
|
|
@ -414,6 +422,8 @@ class GrepTool:
|
|||
for fp in file_iter:
|
||||
if len(hits) >= max_hits:
|
||||
break
|
||||
if _is_sensitive_path(os.path.realpath(fp)):
|
||||
continue
|
||||
try:
|
||||
with open(fp, "r", encoding="utf-8", errors="strict") as f:
|
||||
for i, line in enumerate(f, 1):
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue