Prompt
When constructing commands that will be executed, always sanitize input values to prevent command injection vulnerabilities. Never directly substitute user-supplied or externally-sourced data into command strings without proper validation and sanitization.
Unsafe pattern (vulnerable to injection):
command := strings.Replace(proxyCommand, "%h", host, -1)
// Executing this command could be dangerous if 'host' contains malicious characters
Safer alternatives:
- Validate inputs against strict patterns before use
if !validHostnamePattern.MatchString(host) { return nil, fmt.Errorf("Invalid hostname format: %s", host) } - Use dedicated libraries/APIs that handle command arguments safely
cmd := exec.Command(proxyCommand, host, port) // Arguments are properly escaped by the exec package - If string interpolation is necessary, consider using a dedicated escaping function
escapedHost := shellEscape(host) command := strings.Replace(proxyCommand, "%h", escapedHost, -1)
This practice helps protect against attackers who might craft malicious input to execute unauthorized commands on your system.