@blaylockbk
Owner

KEY SECURITY IMPROVEMENTS:

  1. wgrib2_idx():

    • Changed from: subprocess.run(f"{wgrib2} -s {grib2filepath}", shell=True)
    • Changed to: subprocess.run([wgrib2, "-s", str(grib2filepath)])
    • Benefit: Prevents shell injection attacks
  2. Subset with requests:

    • Pure Python, no external curl dependency
    • More portable across platforms
    • Better error handling
    • Easier to test

WHY THIS MATTERS:

  • If grib2filepath contains special characters like "; rm -rf /"
    the old version would execute that command
  • The new version treats all inputs as data, not code
  • This is especially important if filepath comes from user input

MIGRATION NOTES:

  • The new version has identical functionality
  • Error messages are now more descriptive
  • No changes needed to calling code
  • Add timeout parameter to subprocess calls if needed

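The shell-injection point made in the comment above, as an added example that is not code from the PR or the Herbie project: the pre-fix `shell=True` f-string call, the post-fix argument-list call, and a `shlex.quote` variant for cases where a shell really is needed, all run against a constructed filename that carries a trailing command. `echo` stands in for the `wgrib2` binary (assumption: a POSIX shell and `echo` are available) so the injected command only prints a marker instead of doing damage; the `timeout` from the migration notes is applied to every call.

```python
"""shell=True versus argv-list subprocess calls.

Added example, not code from the PR or project. `echo` stands in for the
wgrib2 executable so this runs anywhere with a POSIX shell; the malicious
filename is constructed for illustration and only prints a marker.
"""
import shlex
import subprocess

# Stand-in for the real wgrib2 binary (assumption: POSIX `echo` exists).
WGRIB2 = "echo"

# Constructed hostile "filename". A real payload would be "; rm -rf /";
# this one just prints INJECTED so the demonstration is harmless.
MALICIOUS_PATH = "model.grib2; echo INJECTED"


def wgrib2_idx_unsafe(wgrib2: str, grib2filepath: str) -> str:
    """Pre-fix pattern: the path is pasted into a shell command string.

    The shell parses `;` as a command separator, so everything after it
    in the filename runs as a second command.
    """
    proc = subprocess.run(
        f"{wgrib2} -s {grib2filepath}",
        shell=True, capture_output=True, text=True, timeout=30,
    )
    return proc.stdout


def wgrib2_idx_safe(wgrib2: str, grib2filepath: str) -> str:
    """Post-fix pattern: argv list, no shell involved.

    Each list element becomes exactly one argv entry of the child, so
    metacharacters in the path are just bytes inside that argument.
    check=True turns a non-zero exit into CalledProcessError instead of
    silently returning empty output.
    """
    proc = subprocess.run(
        [wgrib2, "-s", str(grib2filepath)],
        shell=False, capture_output=True, text=True, timeout=30, check=True,
    )
    return proc.stdout


def wgrib2_idx_quoted(wgrib2: str, grib2filepath: str) -> str:
    """If a shell is genuinely required (pipes, globs), quote every
    argument with shlex.quote so the shell sees one literal word each."""
    cmd = f"{shlex.quote(wgrib2)} -s {shlex.quote(str(grib2filepath))}"
    proc = subprocess.run(
        cmd, shell=True, capture_output=True, text=True, timeout=30,
    )
    return proc.stdout


def injected(output: str) -> bool:
    """True if the marker ran as its own command: it then appears on a
    line by itself rather than embedded in the echoed argument."""
    return "INJECTED" in output.splitlines()


def demo() -> dict:
    """Run all three variants against the hostile path."""
    return {
        "unsafe": wgrib2_idx_unsafe(WGRIB2, MALICIOUS_PATH),
        "safe": wgrib2_idx_safe(WGRIB2, MALICIOUS_PATH),
        "quoted": wgrib2_idx_quoted(WGRIB2, MALICIOUS_PATH),
    }


if __name__ == "__main__":
    for name, out in demo().items():
        print(f"{name:7s} injected={injected(out)!s:5s} stdout={out!r}")
```

Running it shows the unsafe variant producing two lines (`-s model.grib2` and `INJECTED`, the second from the injected command), while the list and quoted variants pass the whole string through as a single argument. The argv-list form is the preferred fix because there is no shell to misparse anything; `shlex.quote` is the fallback only when shell features such as pipes are unavoidable.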
@blaylockbk changed the title from "Security improvements suggested by Claude" to "Security improvements suggested by Claude; drops requirement for curl and uses requests library for downloads" on Oct 24, 2025
@blaylockbk merged commit ecffb5c into main on Oct 24, 2025
9 checks passed