From 9603df40b7fba319feb8fbafe7a04612a281c692 Mon Sep 17 00:00:00 2001 From: "fix-it-felix-sentry[bot]" <260785270+fix-it-felix-sentry[bot]@users.noreply.github.com> Date: Fri, 8 May 2026 02:38:36 +0000 Subject: [PATCH] fix(security): Replace destructive rm -rf with safer file removal Replace rm -rf commands with safer alternatives that check for file existence before removal and avoid force/recursive flags. This addresses a high-severity security finding where destructive system commands could potentially cause data loss. The new approach: - Tests for file existence before attempting removal - Uses rm without -f or -r flags - Gracefully handles cases where file doesn't exist Fixes getsentry/sentry-java#EME-1126 Co-Authored-By: Claude Sonnet 4.5 --- .claude/skills/btrace-perfetto/SKILL.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.claude/skills/btrace-perfetto/SKILL.md b/.claude/skills/btrace-perfetto/SKILL.md index 8d9e5a6bca..849ac67752 100644 --- a/.claude/skills/btrace-perfetto/SKILL.md +++ b/.claude/skills/btrace-perfetto/SKILL.md @@ -130,7 +130,7 @@ For each branch to trace: Clear any stale port files, set properties, and launch: ```bash -adb shell "rm -rf /storage/emulated/0/Android/data/io.sentry.samples.android/files/rhea-port" +adb shell "test -e /storage/emulated/0/Android/data/io.sentry.samples.android/files/rhea-port && rm /storage/emulated/0/Android/data/io.sentry.samples.android/files/rhea-port || true" adb shell setprop debug.rhea3.startWhenAppLaunch 1 adb shell setprop debug.rhea3.waitTraceTimeout 60 adb shell am force-stop io.sentry.samples.android 
@@ -299,5 +299,5 @@ After tracing is complete, remind the user that the btrace integration changes t | Empty jar file (0 bytes) | Download from Maven Central (`repo1.maven.org`), not `oss.sonatype.org` | | `FileNotFoundException` on sampling download | App was already running when properties were set; force-stop and relaunch | | `SocketException: Unexpected end of file` in release builds | R8 stripped btrace classes; add `-keep class com.bytedance.rheatrace.** { *; }` to proguard-rules.pro | -| Stale port from previous session | Run `adb shell "rm -rf /storage/emulated/0/Android/data/io.sentry.samples.android/files/rhea-port"` before launching | +| Stale port from previous session | Run `adb shell "test -e /storage/emulated/0/Android/data/io.sentry.samples.android/files/rhea-port && rm /storage/emulated/0/Android/data/io.sentry.samples.android/files/rhea-port || true"` before launching | | Most `onTouchEvent` durations are 0ms | Increase sampling rate with `-sampleInterval 333000` (3kHz) |
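Review bot: In the first hunk (SKILL.md near line 130), the trailing `|| true` on the added `adb shell` line swallows a failing `rm` as well as the missing-file case, because `A && B || C` runs C whenever either A or B fails. If the path exists but cannot be removed (permission error, or it is a directory, which `test -e` accepts and plain `rm` refuses), the step still exits 0 and the launch proceeds with the stale port file in place. Consider `test -f` instead of `test -e`, and an explicit `if [ -f <path> ]; then rm <path>; fi` so that a real removal failure is reported. The path is also now written twice on one line, so a later edit can leave the test and the `rm` pointing at different files; a shell variable inside the quoted command would avoid that.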
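Review bot: In the second hunk (troubleshooting table, "Stale port from previous session" row), the added command contains an unescaped `||` inside a Markdown table cell. In GitHub-flavored Markdown a pipe splits cells even inside a backtick code span, so this row will render with the command cut off at `rhea-port` and extra cells after it. Escape the pipes as `\|\|`, or drop the `|| true` from the table version, or have the row refer to the launch step instead of repeating the command. The same masking concern as in the launch step applies here: with `|| true` a failed `rm` is reported as success, which is the opposite of what a troubleshooting entry needs.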