
fix(sandbox): block unspecified addresses in SSRF guards #598

Merged
johntmyers merged 1 commit into main from codex/fix-592-unspecified-ssrf
Mar 24, 2026
@johntmyers
Collaborator

Summary

Treat unspecified IP addresses (0.0.0.0 and ::) as internal/blocked in sandbox proxy SSRF checks.

Related Issue

Closes #592

Changes

  • Update is_internal_ip to classify unspecified IPv4/IPv6 as internal.
  • Update is_always_blocked_ip to always block unspecified IPv4/IPv6 even when allowed_ips is configured.
  • Add regression tests for internal classification, always-blocked classification, and resolve_and_check_allowed_ips rejecting 0.0.0.0.

Testing

  • RUSTC_WRAPPER= cargo test -p openshell-sandbox unspecified
  • mise run pre-commit (fails due to unrelated existing SPDX header issues under architecture/plans/567-*)

Checklist

  • Scope limited to issue
  • Tests added for regression coverage
  • No unrelated files changed

@johntmyers johntmyers requested a review from a team as a code owner March 24, 2026 22:33
@johntmyers johntmyers self-assigned this Mar 24, 2026
@johntmyers johntmyers added the test:e2e Requires end-to-end coverage label Mar 24, 2026
@johntmyers johntmyers merged commit 6afe945 into main Mar 24, 2026
13 checks passed
@johntmyers johntmyers deleted the codex/fix-592-unspecified-ssrf branch March 24, 2026 22:54
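
The rule this PR describes, as an added Rust sketch that is not the project's code: unspecified addresses count as internal and stay blocked even when an allowlist names them. The function names, the allowlist semantics, the extra ranges (loopback, link-local, private) and the sample addresses are assumptions made for illustration.

```rust
use std::net::IpAddr;

// Hypothetical stand-in for an "always blocked" check: these addresses stay
// blocked even when an allowlist names them. Only the unspecified addresses
// come from the PR; loopback and link-local are assumptions of this sketch.
fn always_blocked(ip: IpAddr) -> bool {
    match ip {
        IpAddr::V4(v4) => v4.is_unspecified() || v4.is_loopback() || v4.is_link_local(),
        IpAddr::V6(v6) => match v6.to_ipv4_mapped() {
            // ::ffff:a.b.c.d is judged as the IPv4 address it embeds.
            Some(v4) => always_blocked(IpAddr::V4(v4)),
            None => v6.is_unspecified() || v6.is_loopback()
                || (v6.segments()[0] & 0xffc0) == 0xfe80, // fe80::/10
        },
    }
}

// Hypothetical "internal" check: the always-blocked set plus private ranges.
fn internal(ip: IpAddr) -> bool {
    always_blocked(ip) || match ip {
        IpAddr::V4(v4) => v4.is_private(),
        IpAddr::V6(v6) => match v6.to_ipv4_mapped() {
            Some(v4) => v4.is_private(),
            None => (v6.segments()[0] & 0xfe00) == 0xfc00, // fc00::/7
        },
    }
}

// Decision for one already-resolved address. `allowed` is an exact-match
// allowlist (assumed semantics): it can open private ranges, never the
// always-blocked set.
fn may_connect(ip: IpAddr, allowed: &[IpAddr]) -> bool {
    if always_blocked(ip) {
        return false;
    }
    allowed.contains(&ip) || !internal(ip)
}

fn main() {
    // Constructed sample data, including an allowlist that wrongly lists 0.0.0.0.
    let allowed: Vec<IpAddr> = vec!["0.0.0.0".parse().unwrap(), "10.1.2.3".parse().unwrap()];
    for s in ["0.0.0.0", "::", "::ffff:0.0.0.0", "10.1.2.3", "10.1.2.4", "203.0.113.10"] {
        let ip: IpAddr = s.parse().unwrap();
        println!("{s:<16} internal={:<5} may_connect={}", internal(ip), may_connect(ip, &allowed));
    }
}
```

The check runs on the resolved address, so a hostname that resolves to 0.0.0.0 is rejected the same way as the literal.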


Development

Successfully merging this pull request may close these issues.

sec(sandbox): missing 0.0.0.0 (unspecified address) check in SSRF protection
