🛡️ Sentinel: [CRITICAL] Fix LaTeX RCE and DoS in Subprocess Compilation

[anchapin]

🚨 Severity: CRITICAL
💡 Vulnerability: Subprocess calls to pdflatex and pandoc lacked the -no-shell-escape flag. This could allow Remote Code Execution (RCE) if untrusted/injected LaTeX commands like \write18{...} are processed. In addition, an absence of timeouts meant compiling invalid syntax could cause infinite hanging processes, leading to DoS.
🎯 Impact: Attackers could execute arbitrary shell commands on the server via generated/injected LaTeX or cause widespread denial of service by exhausting server resources with hanging LaTeX compilation processes.
🔧 Fix: Added -no-shell-escape to pdflatex and --pdf-engine-opt=-no-shell-escape to pandoc fallback commands in PDFConverter and CoverLetterGenerator. Added timeout=30 to all subprocess.communicate() calls, catching subprocess.TimeoutExpired to explicitly call process.kill() and cleanly terminate.
✅ Verification: Ran pip install -e ".[ai,dev]" and verified with python -m pytest tests/test_pdf_security.py that timeouts and secure flags function correctly without regressions.

---

PR created automatically by Jules for task 17652427337237090992 started by @anchapin

Summary by Sourcery

Harden LaTeX-based PDF generation against remote code execution and hangs by securing subprocess invocations for pdflatex and pandoc.

Bug Fixes:

• Disable LaTeX shell escapes in pdflatex and pandoc-based PDF compilation to prevent remote code execution from untrusted LaTeX input.
• Add timeouts and explicit termination for LaTeX compilation subprocesses to avoid indefinite hangs and denial-of-service conditions.

Documentation:

• Document the LaTeX compilation security vulnerability, its root cause, and the enforced mitigations in the Sentinel security notes.

[google-labs-jules]

👋 Jules, reporting for duty! I'm here to lend a hand with this pull request.

When you start a review, I'll add a 👀 emoji to each comment to let you know I've read it. I'll focus on feedback directed at me and will do my best to stay out of conversations between you and other bots or reviewers to keep the noise down.

I'll push a commit with your requested changes shortly after. Please note there might be a delay between these steps, but rest assured I'm on the job!

For more direct control, you can switch me to Reactive Mode. When this mode is on, I will only act on comments where you specifically mention me with @jules. You can find this option in the Pull Request section of your global Jules UI settings. You can always switch back!

New to Jules? Learn more at jules.google/docs.

---

For security, I will only act on instructions from the user who triggered this task.

[sourcery-ai]

Reviewer's Guide

Harden LaTeX PDF generation against RCE and DoS by disabling shell escapes for pdflatex/pandoc and enforcing timeouts with proper cleanup on all LaTeX compilation subprocesses, plus documenting the incident in sentinel.md.

Sequence diagram for secure LaTeX PDF compilation with timeouts

sequenceDiagram
    actor User
    participant CoverLetterGenerator as CoverLetterGenerator
    participant PDFConverter as PDFConverter
    participant pdflatex as pdflatex_process
    participant pandoc as pandoc_process

    User->>CoverLetterGenerator: _compile_pdf(output_path, tex_content)
    CoverLetterGenerator->>pdflatex: subprocess.Popen(["pdflatex", "-interaction=nonstopmode", "-no-shell-escape", tex_path.name])
    pdflatex-->>CoverLetterGenerator: process
    CoverLetterGenerator->>pdflatex: process.communicate(timeout=30)

    alt [timeout on pdflatex]
        CoverLetterGenerator->>pdflatex: process.kill()
        CoverLetterGenerator->>pdflatex: process.communicate()
        CoverLetterGenerator-->>User: return False
    else [pdflatex fails or no PDF]
        CoverLetterGenerator->>pandoc: subprocess.Popen(["pandoc", tex_path, "-o", output_path, "--pdf-engine=xelatex", "--pdf-engine-opt=-no-shell-escape"])
        pandoc-->>CoverLetterGenerator: process
        CoverLetterGenerator->>pandoc: process.communicate(timeout=30)
        alt [timeout on pandoc]
            CoverLetterGenerator->>pandoc: process.kill()
            CoverLetterGenerator->>pandoc: process.communicate()
            CoverLetterGenerator-->>User: return False
        else [pandoc succeeds]
            CoverLetterGenerator-->>User: return True
        end
    end

    User->>PDFConverter: _compile_pdflatex(tex_path, output_path, working_dir)
    PDFConverter->>pdflatex: subprocess.Popen(["pdflatex", "-interaction=nonstopmode", "-no-shell-escape", tex_path.name])
    pdflatex-->>PDFConverter: process
    PDFConverter->>pdflatex: process.communicate(timeout=30)
    alt [timeout on pdflatex]
        PDFConverter->>pdflatex: process.kill()
        PDFConverter->>pdflatex: process.communicate()
        PDFConverter-->>User: return False
    end

Loading

File-Level Changes

Change	Details	Files
Disable LaTeX shell escapes for all pdflatex and pandoc-based PDF compilation paths.	Add -no-shell-escape flag to pdflatex invocations in LaTeX compilation helpers Add --pdf-engine-opt=-no-shell-escape to pandoc PDF engine invocations as a fallback path Ensure both primary and fallback compilation flows consistently pass the secure flags	cli/generators/cover_letter_generator.py cli/pdf/converter.py
Add bounded execution and cleanup for LaTeX compilation subprocesses to prevent DoS from hanging processes.	Wrap subprocess.communicate() calls with a 30 second timeout On TimeoutExpired, kill the process and perform a final communicate() to drain pipes before returning failure Apply the timeout and cleanup logic to both pdflatex and pandoc subprocesses in all compilation paths	cli/generators/cover_letter_generator.py cli/pdf/converter.py
Document the LaTeX subprocess RCE/DoS vulnerability and mitigations in the security sentinel documentation.	Append a new dated section describing the vulnerability stemming from missing -no-shell-escape and timeouts Capture key learnings about LaTeX shell escapes and dynamic code generation risks Specify prevention guidelines for flags and subprocess timeouts going forward	.jules/sentinel.md

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[sourcery-ai]

Hey - I've left some high level feedback:

• The subprocess timeout/kill pattern is duplicated in multiple places; consider extracting a small helper (e.g. run_with_timeout(...)) so all LaTeX compilation calls share the same behavior and are easier to maintain consistently.
• On timeout you currently discard stdout/stderr and only return False; capturing or logging at least stderr on failures and timeouts would make diagnosing LaTeX compilation issues much easier in production.
• The 30-second timeout is hard-coded in several calls; it may be worth centralizing this as a configuration constant so it can be tuned per environment without code changes.

Prompt for AI Agents

Please address the comments from this code review:

## Overall Comments
- The subprocess timeout/kill pattern is duplicated in multiple places; consider extracting a small helper (e.g. `run_with_timeout(...)`) so all LaTeX compilation calls share the same behavior and are easier to maintain consistently.
- On timeout you currently discard `stdout`/`stderr` and only return `False`; capturing or logging at least `stderr` on failures and timeouts would make diagnosing LaTeX compilation issues much easier in production.
- The 30-second timeout is hard-coded in several calls; it may be worth centralizing this as a configuration constant so it can be tuned per environment without code changes.

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}