fix(install): validate redirect URL origin before trusting resolved version #662

Open
latenighthackathon wants to merge 1 commit into NVIDIA:main from latenighthackathon:sec/install-validate-redirect-origin
@latenighthackathon latenighthackathon commented Mar 29, 2026

Summary

resolve_redirect() follows HTTP redirects to determine the latest release tag but never validates the final URL origin. A compromised CDN, DNS poisoning, or open redirect could cause the installer to download binaries from an attacker-controlled server. This adds origin validation and caps redirect depth as defense-in-depth.

Related Issue

Closes #638

Changes

  • Added origin validation in resolve_redirect(): resolved URLs must match https://github.com/NVIDIA/OpenShell/* or the installer aborts.
  • Capped redirect depth in download() to 5 as defense-in-depth.

Testing

  • mise run pre-commit passes
  • Shell script changes only (no Rust changes)

Executed:

  • mise run pre-commit locally: format, license, and lint checks pass
  • Compile/test steps require Linux CI runners
  • Verified install.sh test jobs pass in CI (bash, sh, fish, zsh all green)

Checklist

  • Follows Conventional Commits
  • Commits are signed off (DCO)
  • Architecture docs updated (if applicable)
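
The origin check and redirect cap described in this summary, sketched as an added example; it is not code from the PR or from the project's install.sh. The function names, the safe-character alphabet, the `releases/tag/<tag>` URL shape and the `releases/latest` starting URL are assumptions; only the allowed prefix and the cap of 5 come from the description above.

```shell
#!/bin/sh
# Added example (not the project's install.sh). Function names are hypothetical.
ALLOWED_PREFIX="https://github.com/NVIDIA/OpenShell/"   # origin named in the PR
MAX_REDIRS=5                                            # redirect cap named in the PR

# Succeed only if the URL sits under ALLOWED_PREFIX.
validate_origin() {
    case "$1" in
        # Refuse anything outside a small safe alphabet: no '@' userinfo,
        # '%' encoding, '?', '#', backslash, whitespace or control bytes.
        *[!A-Za-z0-9:/._-]*) return 1 ;;
        # Refuse dot-segments that could climb out of the repository path.
        */../*|*/..) return 1 ;;
        # The trailing slash in the prefix blocks look-alike hosts
        # (github.com.evil.example) and sibling repos (OpenShell-fork).
        "$ALLOWED_PREFIX"*) return 0 ;;
    esac
    return 1
}

# Print the release tag from a validated URL (assumed shape: .../releases/tag/<tag>).
tag_from_url() {
    validate_origin "$1" || return 1
    _rest=${1#"$ALLOWED_PREFIX"}
    case "$_rest" in
        releases/tag/?*) _tag=${_rest#releases/tag/} ;;
        *) return 1 ;;
    esac
    case "$_tag" in */*) return 1 ;; esac
    printf '%s\n' "$_tag"
}

# Network step (assumption: the tag is resolved from releases/latest).
resolve_latest_tag() {
    _final=$(curl -fsSIL --proto '=https' --proto-redir '=https' \
        --max-redirs "$MAX_REDIRS" -o /dev/null -w '%{url_effective}' \
        "${ALLOWED_PREFIX}releases/latest") || return 1
    tag_from_url "$_final"
}

# Constructed sample URLs; no network access is needed for this loop.
for u in \
    "https://github.com/NVIDIA/OpenShell/releases/tag/v0.0.0" \
    "https://github.com.evil.example/NVIDIA/OpenShell/releases/tag/v0.0.0" \
    "https://github.com/NVIDIA/OpenShell/../../other/repo/releases/tag/v0.0.0"
do
    if t=$(tag_from_url "$u"); then echo "accept $t"; else echo "reject $u"; fi
done
```

A bare `https://github.com/NVIDIA/OpenShell*` match without the trailing slash or the dot-segment check would accept the second and third sample URLs' close relatives, which is why the validation runs before the tag is extracted.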

…ersion

resolve_redirect() follows HTTP redirects to determine the latest
release tag, but never validated that the final URL still pointed to
the expected GitHub repository. A compromised CDN, DNS poisoning, or
an open redirect could cause the installer to extract a version tag
from — and subsequently download binaries from — an attacker-controlled
origin.

Add origin validation: reject resolved URLs that don't match
https://github.com/NVIDIA/OpenShell/*. Also cap redirect depth
in download() to 5 as defense-in-depth.

Closes NVIDIA#638

Signed-off-by: latenighthackathon <latenighthackathon@users.noreply.github.com>
@latenighthackathon latenighthackathon requested a review from a team as a code owner March 29, 2026 22:41
github-actions bot commented Mar 29, 2026

All contributors have signed the DCO ✍️ ✅
Posted by the DCO Assistant Lite bot.

@latenighthackathon
Contributor Author

I have read the DCO document and I hereby sign the DCO.

@drew drew self-assigned this Mar 30, 2026
Development

Successfully merging this pull request may close these issues.

sec(install): install.sh follows redirects without validating final URL origin