Check for null bytes and invalid environment vars on System

Author: José Valim

lib/elixir/lib/system.ex

@@ -339,6 +339,8 @@ defmodule System do
   """
   @spec find_executable(binary) :: binary | nil
   def find_executable(program) when is_binary(program) do
+    assert_no_null_byte!(program, "System.find_executable/1")
+
     case :os.find_executable(String.to_charlist(program)) do
       false -> nil
       other -> List.to_string(other)
@@ -393,8 +395,13 @@ defmodule System do
   """
   @spec put_env(binary, binary) :: :ok
   def put_env(varname, value) when is_binary(varname) and is_binary(value) do
-   :os.putenv String.to_charlist(varname), String.to_charlist(value)
-   :ok
+    case :binary.match(varname, "=") do
+      {_, _} ->
+        raise ArgumentError, "cannot execute System.put_env/2 for key with \"=\", got: #{inspect varname}"
+      :nomatch ->
+        :os.putenv String.to_charlist(varname), String.to_charlist(value)
+        :ok
+    end
   end
 
   @doc """
@@ -588,6 +595,7 @@ defmodule System do
   @spec cmd(binary, [binary], keyword) ::
         {Collectable.t, exit_status :: non_neg_integer}
   def cmd(command, args, opts \\ []) when is_binary(command) and is_list(args) do
+    assert_no_null_byte!(command, "System.cmd/3")
     cmd = String.to_charlist(command)
 
     cmd =
@@ -833,6 +841,15 @@ defmodule System do
     :erlang.unique_integer(modifiers)
   end
 
+  defp assert_no_null_byte!(binary, operation) do
+    case :binary.match(binary, "\0") do
+      {_, _} ->
+        raise ArgumentError, "cannot execute #{operation} for program with null byte, got: #{inspect binary}"
+      :nomatch ->
+        binary
+    end
+  end
+
   defp normalize_time_unit(:native),
     do: :native
 

lib/elixir/test/elixir/system_test.exs

@@ -73,6 +73,16 @@ defmodule SystemTest do
 
     System.put_env(%{@test_var => "OTHER_SAMPLE"})
     assert System.get_env(@test_var) == "OTHER_SAMPLE"
+
+    assert_raise ArgumentError, ~r[cannot execute System.put_env/2 for key with \"=\"], fn ->
+      System.put_env("FOO=BAR", "BAZ")
+    end
+  end
+
+  test "cmd/2 raises for null bytes" do
+    assert_raise ArgumentError, ~r"cannot execute System.cmd/3 for program with null byte", fn ->
+      System.cmd("null\0byte", [])
+    end
   end
 
   if windows?() do
@@ -107,19 +117,19 @@ defmodule SystemTest do
       File.rm_rf! Path.dirname(tmp_path(@echo))
     end
   else
-    test "cmd/2 Unix" do
+    test "cmd/2 unix" do
       assert {"hello\n", 0} = System.cmd "echo", ["hello"]
     end
 
-    test "cmd/3 (with options) Unix" do
+    test "cmd/3 (with options) unix" do
       assert {["hello\n"], 0} = System.cmd "echo", ["hello"],
                                   into: [], cd: System.cwd!, env: %{"foo" => "bar", "baz" => nil},
                                   arg0: "echo", stderr_to_stdout: true, parallelism: true
     end
 
     @echo "echo-elixir-test"
 
-    test "cmd/2 with absolute and relative paths Unix" do
+    test "cmd/2 with absolute and relative paths ynix" do
       echo = tmp_path(@echo)
       File.mkdir_p! Path.dirname(echo)
       File.cp! System.find_executable("echo"), echo
@@ -143,6 +153,9 @@ defmodule SystemTest do
     assert System.find_executable("erl")
     assert is_binary System.find_executable("erl")
     assert !System.find_executable("does-not-really-exist-from-elixir")
+    assert_raise ArgumentError, ~r"cannot execute System.find_executable/1 for program with null byte", fn ->
+      System.find_executable("null\0byte")
+    end
   end
 
   test "monotonic_time/0" do