From 02858c0892a5bc477e5478baeba6341afb256d59 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Tue, 3 Mar 2026 09:05:01 +0100
Subject: [PATCH] test(rollback): verify shell metacharacter escaping in git commit parameter
---
 tests/Feature/ApplicationRollbackTest.php | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
diff --git a/tests/Feature/ApplicationRollbackTest.php b/tests/Feature/ApplicationRollbackTest.php
index bb0ced763..bf80868cb 100644
--- a/tests/Feature/ApplicationRollbackTest.php
+++ b/tests/Feature/ApplicationRollbackTest.php
@@ -87,6 +87,27 @@
 expect($result)->toContain('def789abc012def789abc012def789abc012def7');
 });
 
+ test('setGitImportSettings escapes shell metacharacters in commit parameter', function () {
+ ApplicationSetting::create([
+ 'application_id' => $this->application->id,
+ 'is_git_shallow_clone_enabled' => false,
+ ]);
+
+ $maliciousCommit = 'abc123; rm -rf /';
+
+ $result = $this->application->setGitImportSettings(
+ deployment_uuid: 'test-uuid',
+ git_clone_command: 'git clone',
+ public: true,
+ commit: $maliciousCommit
+ );
+
+ // escapeshellarg wraps the value in single quotes, neutralizing metacharacters
+ expect($result)
+ ->toContain("checkout 'abc123; rm -rf /'")
+ ->not->toContain('checkout abc123; rm -rf /');
+ });
+
 test('setGitImportSettings does not append checkout when commit is HEAD', function () {
 ApplicationSetting::create([
 'application_id' => $this->application->id,
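Review bot: The new test's only input is a semicolon, which any single-quote wrapping neutralizes, so it cannot distinguish `escapeshellarg` (which the comment says is used) from a naive `"'" . $commit . "'"` that breaks on an embedded quote. Add a second case whose commit value contains a single quote and pin escapeshellarg's `'\''` rewrite, e.g. `commit: "abc123'; echo x"` asserted with `->toContain("checkout 'abc123'\\''; echo x'")`. With the positive match fixed to the exact quoted form, the `->not->toContain('checkout abc123; rm -rf /')` line adds nothing and can be dropped. The following `test('... when commit is HEAD'` block starts inside the hunk but continues outside it.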