
Remove auto-registered MaliciousFilter RCE sink#1

Draft
WeiWeiQY wants to merge 1 commit into main from
codex/propose-fix-for-remote-command-execution-vulnerability

Conversation

@WeiWeiQY (Owner)

Motivation

  • Remove an always-on filter registration that exposed an RCE sink by executing the cmd request parameter with Runtime.getRuntime().exec(...).

Description

  • Removed the maliciousFilter bean registration from FilterConfig so MaliciousFilter is no longer auto-registered for /mshell/filter/*, keeping the change minimal and preserving the MaliciousFilter class (no behavior added).

Testing

  • Attempted an automated build with mvn -q -DskipTests package, which could not complete due to external dependency resolution failures against the configured Maven mirror (HTTP 403), so compile/test verification could not be completed in this environment.

Codex Task
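Since the PR's own build could not run, a regression test is the check a reviewer would want alongside this change. The following is an added example, not code from the PR or the project: a Spring Boot test (the "bean registration from FilterConfig" wording suggests Spring Boot; package name, class name and test location are hypothetical) asserting that nothing is mapped to /mshell/filter/* and that MaliciousFilter is not wired as a bean by any other route.

```java
// Added example, not part of the PR: regression guard for the removed registration.
// Assumptions (hypothetical): Spring Boot application, MaliciousFilter lives in
// package com.example.mshell, and this test sits beside the main application class.
package com.example.mshell;

import static org.junit.jupiter.api.Assertions.assertFalse;
import static org.junit.jupiter.api.Assertions.assertTrue;

import java.util.Map;
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.ApplicationContext;

@SpringBootTest
class MaliciousFilterNotRegisteredTest {

    @Autowired
    private ApplicationContext context;

    @Test
    void nothingIsMappedToMshellFilterPath() {
        // Every FilterRegistrationBean in the context, whatever config class declared it.
        Map<String, FilterRegistrationBean> registrations =
                context.getBeansOfType(FilterRegistrationBean.class);
        for (FilterRegistrationBean<?> reg : registrations.values()) {
            // The removed bean mapped MaliciousFilter to /mshell/filter/*; neither the
            // path nor the filter class may reappear in any registration.
            assertFalse(reg.getUrlPatterns().contains("/mshell/filter/*"),
                    "a filter is still mapped to /mshell/filter/*: " + reg.getFilter());
            assertFalse(reg.getFilter() instanceof MaliciousFilter,
                    "MaliciousFilter is still registered via " + reg);
        }
    }

    @Test
    void maliciousFilterIsNotABean() {
        // Component scanning (e.g. an @Component on the class) would register the
        // filter for every request; the class must not be a bean at all.
        assertTrue(context.getBeansOfType(MaliciousFilter.class).isEmpty(),
                "MaliciousFilter is wired as a bean");
    }
}
```

The first test fails if a later change re-adds the registration under a different bean name; the second catches the class being picked up by scanning rather than by FilterConfig.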


coderabbitai bot commented Mar 10, 2026

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: e1aae6e6-b498-4ea9-b561-b006f622a67d

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

