From 1248758d46db1017d8999982c2a510312ba9e9ae Mon Sep 17 00:00:00 2001
From: unknown <49066403+bodane@users.noreply.github.com>
Date: Sun, 1 Feb 2026 00:46:46 +1100
Subject: [PATCH] security: fix single percent detection and add fsutil to PowerShell setup.bat: - Fix percent sign detection to catch single % (not just %%) - Use string substitution for reliable detection install-core.ps1: - Add fsutil reparsepoint query to Test-SecureDirectory - Matches batch script's dual-layer detection approach - Keep .NET attribute check as fallback
Co-Authored-By: Claude Opus 4.5
---
 scripts/install-core.ps1 | 9 +++++++--
 setup.bat | 6 ++++--
 2 files changed, 11 insertions(+), 4 deletions(-)
diff --git a/scripts/install-core.ps1 b/scripts/install-core.ps1
index e724d08..62db1ee 100644
--- a/scripts/install-core.ps1
+++ b/scripts/install-core.ps1
@@ -69,9 +69,14 @@ function Test-SecureDirectory {
 return $true # Directory doesn't exist yet, will be created
 }
- $dirInfo = Get-Item $Path -Force
+ # Primary check: use fsutil for reliable reparse point detection (matches batch script)
+ $fsutilResult = & fsutil reparsepoint query $Path 2>&1
+ if ($LASTEXITCODE -eq 0) {
+ Write-Err "Directory '$Path' is a reparse point (symlink or junction). Possible symlink attack detected."
+ }
- # Check for symlinks/junctions
+ # Fallback: check .NET attributes
+ $dirInfo = Get-Item $Path -Force
 if ($dirInfo.Attributes -band [System.IO.FileAttributes]::ReparsePoint) {
 Write-Err "Directory '$Path' is a symbolic link or junction. Possible symlink attack detected."
 }
diff --git a/setup.bat b/setup.bat
index 0957006..9aed549 100644
--- a/setup.bat
+++ b/setup.bat
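Review bot: The fallback `Get-Item $Path -Force` binds `$Path` to the wildcard-aware `-Path` parameter, while the new `fsutil reparsepoint query $Path` call receives the string literally, so for a path containing `[` or `]` the two layers can end up testing different things. If `Get-Item` resolves nothing, `$dirInfo` is null and (outside strict mode) the `-band` test evaluates false, so the check passes instead of failing; `$dirInfo = Get-Item -LiteralPath $Path -Force` keeps both layers on the same object. Any non-zero fsutil exit (access denied, fsutil not runnable) is also read as "not a reparse point" and `$fsutilResult` is never used, so a short comment stating that failure deliberately falls through to the attribute check would help the next reader. Both checks look only at the final path component, and the rest of Test-SecureDirectory lies outside this hunk, so whether parent directories are covered elsewhere cannot be confirmed from here.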
@@ -48,8 +48,10 @@ if !errorlevel! equ 0 (
 echo ERROR: LOCALAPPDATA contains invalid shell characters
 goto :error
 )
-echo !LOCALAPPDATA! | findstr /c:"%%" >nul
-if !errorlevel! equ 0 (
+REM Check for percent signs (both single and double)
+set "TEMP_CHECK=!LOCALAPPDATA!"
+set "TEMP_CHECK=!TEMP_CHECK:%%=!"
+if not "!TEMP_CHECK!"=="!LOCALAPPDATA!" (
 echo ERROR: LOCALAPPDATA contains percent signs
 goto :error
 )
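Review bot: The `set "TEMP_CHECK=!TEMP_CHECK:%%=!"` line reads as if it strips only doubled percent signs, which is the very bug this change sets out to fix; it works because the batch parser reduces `%%` to a single `%` before delayed expansion runs. A comment directly above it, for example `REM "%%" is collapsed to one "%" by the parser, so this removes every percent sign`, would keep a later edit from "correcting" it. `TEMP_CHECK` also stays defined after the check; `set "TEMP_CHECK="` after the `if` block clears it, unless a `setlocal` outside this hunk already scopes it. The comparison presumably relies on LOCALAPPDATA being non-empty and free of double quotes, which depends on the earlier validation that begins above this hunk.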