From e6417cb7bc9f74c4249d60dc083470fed27604ea Mon Sep 17 00:00:00 2001
From: 0xbyt4 <35742124+0xbyt4@users.noreply.github.com>
Date: Thu, 12 Mar 2026 22:37:02 +0300
Subject: [PATCH] fix: escape parens and braces in fork bomb regex pattern

The fork bomb regex used `()` (empty capture group) and unescaped `{}` instead of literal `\(\)` and `\{\}`. This meant the classic fork bomb `:(){ :|:& };:` was never detected. Also added `\s*` between `:` and `&` and between `;` and trailing `:` to catch whitespace variants.
---
 tests/tools/test_approval.py | 17 +++++++++++++++++
 tools/approval.py | 2 +-
 2 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/tests/tools/test_approval.py b/tests/tools/test_approval.py
index b95e865e5..1aa4e0b7a 100644
--- a/tests/tools/test_approval.py
+++ b/tests/tools/test_approval.py
@@ -413,3 +413,20 @@ class TestViewFullCommand:
 # After first 'v', is_truncated becomes False, so second 'v' -> deny
 assert result == "deny"
+
+class TestForkBombDetection:
+ """The fork bomb regex must match the classic :(){ :|:& };: pattern."""
+
+ def test_classic_fork_bomb(self):
+ dangerous, key, desc = detect_dangerous_command(":(){ :|:& };:")
+ assert dangerous is True, "classic fork bomb not detected"
+ assert "fork bomb" in desc.lower()
+
+ def test_fork_bomb_with_spaces(self):
+ dangerous, key, desc = detect_dangerous_command(":() { : | :& } ; :")
+ assert dangerous is True, "fork bomb with extra spaces not detected"
+
+ def test_colon_in_safe_command_not_flagged(self):
+ dangerous, key, desc = detect_dangerous_command("echo hello:world")
+ assert dangerous is False
+
diff --git a/tools/approval.py b/tools/approval.py
index 83980893d..ad13e8eac 100644
--- a/tools/approval.py
+++ b/tools/approval.py
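Review bot: The only negative case, `echo hello:world` in `test_colon_in_safe_command_not_flagged`, never exercises the structure of the pattern (no `()`, `{`, `|` or `&`), so it would keep passing even if the regex were later loosened to flag any `name(){ … }` function definition. A control closer to the boundary pins the intent better, e.g. `dangerous, _, _ = detect_dangerous_command("f(){ echo hi; }; f")` followed by `assert dangerous is False`, assuming no other entry in DANGEROUS_PATTERNS fires on it; if the commit's stated goal of catching whitespace variants includes bash's legal `: () { :|:& };:` form, a positive test for it would document that too. The unpacked `key` is unused in all three tests, so `_` would make that explicit. Whether `detect_dangerous_command` is imported at the top of this test module is not visible in the hunk.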
@@ -38,7 +38,7 @@ DANGEROUS_PATTERNS = [
 (r'\bsystemctl\s+(stop|disable|mask)\b', "stop/disable system service"),
 (r'\bkill\s+-9\s+-1\b', "kill all processes"),
 (r'\bpkill\s+-9\b', "force kill processes"),
- (r':()\s*{\s*:\s*\|\s*:&\s*}\s*;:', "fork bomb"),
+ (r':\(\)\s*\{\s*:\s*\|\s*:\s*&\s*\}\s*;\s*:', "fork bomb"),
 (r'\b(bash|sh|zsh)\s+-c\s+', "shell command via -c flag"),
 (r'\b(python[23]?|perl|ruby|node)\s+-[ec]\s+', "script execution via -e/-c flag"),
 (r'\b(curl|wget)\b.*\|\s*(ba)?sh\b', "pipe remote content to shell"),
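Review bot: The corrected pattern on the `+` line still hardwires `:` as the function name and requires `()` to abut it, so a renamed bomb such as `b(){ b|b& };b`, or the equally valid `: () { :|:& };:` (bash permits whitespace before the parentheses), is not flagged even though the commit message frames the fix as catching variants. A backreference covers the whole family in one entry: `(r'(:|\w+)\s*\(\)\s*\{\s*\1\s*\|\s*\1\s*&\s*\}\s*;\s*\1', "fork bomb")`, which still matches both strings in the new tests and not `echo hello:world`. Whether `detect_dangerous_command` uses `re.search` and applies any whitespace normalization is not visible here, so verify the entry against those tests; either way this denylist is a tripwire that a determined user can bypass (e.g. `perl -e 'fork while fork'` is caught only by the separate `-e` rule), not a sandbox. The DANGEROUS_PATTERNS list begins before this hunk.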