Timmy_Foundation/hermes-agent
16
0
Fork 0
Code Issues 55 Pull Requests 1 Actions 46 Packages Projects Releases Wiki Activity

fix: escape file glob patterns in ShellFileOperations

Browse Source 
- Updated the file glob and include filters in the ShellFileOperations class to escape shell arguments, preventing unintended shell expansion.
- Added comments to clarify the necessity of quoting for file glob patterns.
This commit is contained in:
teknium1
2026-02-19 15:12:02 -08:00
parent 057d3e1810
commit d070b8698d
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
tools/file_operations.py
View File

@@ -814,9 +814,9 @@ class ShellFileOperations(FileOperations):
if context > 0:
cmd_parts.extend(["-C", str(context)])
# Add file glob filter
# Add file glob filter (must be quoted to prevent shell expansion)
if file_glob:
cmd_parts.extend(["--glob", file_glob])
cmd_parts.extend(["--glob", self._escape_shell_arg(file_glob)])
# Output mode handling
if output_mode == "files_only":
@@ -910,9 +910,9 @@ class ShellFileOperations(FileOperations):
if context > 0:
cmd_parts.extend(["-C", str(context)])
# Add file pattern filter
# Add file pattern filter (must be quoted to prevent shell expansion)
if file_glob:
cmd_parts.extend(["--include", file_glob])
cmd_parts.extend(["--include", self._escape_shell_arg(file_glob)])
# Output mode handling
if output_mode == "files_only":