CircleCI Shell Injection
Prevent shell injection attacks in CircleCI configurations by adhering to secure coding practices when scripting commands or passing parameters. Unchecked variables and improper handling of inputs can expose pipelines to injection vulnerabilities.
Examples
Insecure Example
The following example shows an insecure CircleCI configuration in which an untrusted value is interpolated directly into a shell command, with no validation or sanitization:
```yaml
jobs:
  build:
    steps:
      - run: echo "Hello ${USER_INPUT}"
```
Secure Example
Here’s a secure version of the configuration, ensuring user input is sanitized or avoided entirely:
```yaml
jobs:
  build:
    steps:
      - run: echo "Hello World" # Avoids relying on user input
```
Alternatively, you can explicitly validate or sanitize the input before use.
Mitigation Steps
- Avoid using untrusted inputs in shell commands directly.
- Use secure alternatives such as parameterized inputs or environment variables with validation.
- Leverage CircleCI’s built-in features like contexts or secure environment variable storage.
- Regularly review your pipeline configurations for potential vulnerabilities.
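An added example, not code from this page or from CircleCI itself, that implements the "validate before use" and "environment variables with validation" steps above in POSIX sh, the way a `run:` step would execute it; the function names, the allowlist, and the sample values are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example (not from the page or CircleCI's own docs): an allowlist check
# a job can run before an untrusted value reaches a shell command, plus the
# quoted-environment-variable pattern that keeps the value as data.
# Function names and the allowlist are assumptions for illustration.

# Allowlist: letters, digits, dot, underscore, hyphen; 1 to 64 characters.
# Quotes, spaces, $, ;, backticks and newlines all fail the check.
is_safe_input() {
  case "$1" in
    '') return 1 ;;
    *[!A-Za-z0-9._-]*) return 1 ;;
  esac
  [ "${#1}" -le 64 ]
}

# The command text the shell would receive if the value were spliced into the
# command itself (the insecure pattern). This only builds the string so it can
# be inspected; it never executes it.
interpolated_command() {
  printf 'echo "Hello %s"' "$1"
}

# Secure pattern: validate first, then hand the value over through an
# environment variable inside a single-quoted command, so the inner shell
# expands it as a quoted string and never parses it as shell syntax.
greet() {
  if ! is_safe_input "$1"; then
    echo "greet: rejected unsafe input" >&2
    return 1
  fi
  USER_INPUT="$1" sh -c 'echo "Hello ${USER_INPUT}"'
}

# Stand-alone demonstration with constructed sample values.
greet "alice"                                   # prints: Hello alice
interpolated_command 'alice"; echo "tampered'   # shows the command being split
echo
greet 'alice"; echo "tampered' || echo "blocked as expected"
```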