security: harden code against command injection and path traversal

Core changes: * enforce HTTPS URLs and remove shell usage in generate_release.py * replace os.system calls with subprocess across the codebase * validate external inputs (playlist names, video IDs) Improvements and fixes: * settings.py: fix typo (node.lineno → line_number); use isinstance() over type() * youtube/get_app_version: improve git detection using subprocess.DEVNULL * youtube/util.py: add cleanup helpers; use shutil.which for binary resolution YouTube modules: * watch.py: detect and flag HLS streams; remove unused audio_track_sources * comments.py: return early when comments are disabled; add error handling * local_playlist.py: validate playlist names to prevent path traversal * subscriptions.py: replace asserts with proper error handling; validate video IDs Cleanup: * remove unused imports across modules (playlist, search, channel) * reorganize package imports in youtube/**init**.py * simplify test imports and fix cleanup_func in tests Tests: * tests/test_shorts.py: simplify imports * tests/test_util.py: fix cleanup_func definition
2026-04-20 00:39:35 -05:00
parent 155bd4df49
commit d6190a2d0b
16 changed files with 237 additions and 146 deletions
--- a/youtube/comments.py
+++ b/youtube/comments.py
@@ -155,33 +155,35 @@ def post_process_comments_info(comments_info):


 def video_comments(video_id, sort=0, offset=0, lc='', secret_key=''):
+    if not settings.comments_mode:
+        return {}
+
+    # Initialize the result dict up-front so that any exception path below
+    # can safely attach an 'error' field without risking UnboundLocalError.
+    comments_info = {'error': None}
    try:
-        if settings.comments_mode:
-            comments_info = {'error': None}
-            other_sort_url = (
-                util.URL_ORIGIN + '/comments?ctoken='
-                + make_comment_ctoken(video_id, sort=1 - sort, lc=lc)
-            )
-            other_sort_text = 'Sort by ' + ('newest' if sort == 0 else 'top')
+        other_sort_url = (
+            util.URL_ORIGIN + '/comments?ctoken='
+            + make_comment_ctoken(video_id, sort=1 - sort, lc=lc)
+        )
+        other_sort_text = 'Sort by ' + ('newest' if sort == 0 else 'top')

-            this_sort_url = (util.URL_ORIGIN
-                             + '/comments?ctoken='
-                             + make_comment_ctoken(video_id, sort=sort, lc=lc))
+        this_sort_url = (util.URL_ORIGIN
+                         + '/comments?ctoken='
+                         + make_comment_ctoken(video_id, sort=sort, lc=lc))

-            comments_info['comment_links'] = [
-                (other_sort_text, other_sort_url),
-                ('Direct link', this_sort_url)
-            ]
+        comments_info['comment_links'] = [
+            (other_sort_text, other_sort_url),
+            ('Direct link', this_sort_url)
+        ]

-            ctoken = make_comment_ctoken(video_id, sort, offset, lc)
-            comments_info.update(yt_data_extract.extract_comments_info(
-                request_comments(ctoken), ctoken=ctoken
-            ))
-            post_process_comments_info(comments_info)
+        ctoken = make_comment_ctoken(video_id, sort, offset, lc)
+        comments_info.update(yt_data_extract.extract_comments_info(
+            request_comments(ctoken), ctoken=ctoken
+        ))
+        post_process_comments_info(comments_info)

-            return comments_info
-        else:
-            return {}
+        return comments_info
    except util.FetchError as e:
        if e.code == '429' and settings.route_tor:
            comments_info['error'] = 'Error: YouTube blocked the request because the Tor exit node is overutilized.'