From 5245d037aca3dd3e885be0bd723767cce69b087d Mon Sep 17 00:00:00 2001 From: Jun Siang Cheah Date: Tue, 23 Apr 2024 19:25:43 +0100 Subject: [PATCH] fix: harden litellm exec command to prevent unintended commands logic was previously to split on space for arguments, but if any of the user controlled variables LITELLM_PROXY_HOST or DATA_DIR had spaces in them, this would not behave correctly. --- backend/apps/litellm/main.py | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/backend/apps/litellm/main.py b/backend/apps/litellm/main.py index bdf70615c..119e9107e 100644 --- a/backend/apps/litellm/main.py +++ b/backend/apps/litellm/main.py @@ -1,3 +1,5 @@ +import sys + from fastapi import FastAPI, Depends, HTTPException from fastapi.routing import APIRoute from fastapi.middleware.cors import CORSMiddleware @@ -70,7 +72,7 @@ async def run_background_process(command): log.info(f"Executing command: {command}") # Execute the command and create a subprocess process = await asyncio.create_subprocess_exec( - *command.split(), stdout=subprocess.PIPE, stderr=subprocess.PIPE + *command, stdout=subprocess.PIPE, stderr=subprocess.PIPE ) background_process = process log.info("Subprocess started successfully.") @@ -96,7 +98,17 @@ async def run_background_process(command): async def start_litellm_background(): log.info("start_litellm_background") # Command to run in the background - command = f"litellm --port {LITELLM_PROXY_PORT} --host {LITELLM_PROXY_HOST} --telemetry False --config {LITELLM_CONFIG_DIR}" + command = [ + "litellm", + "--port", + str(LITELLM_PROXY_PORT), + "--host", + LITELLM_PROXY_HOST, + "--telemetry", + "False", + "--config", + LITELLM_CONFIG_DIR, + ] await run_background_process(command)