vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-05 21:40:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(exec): close dispatch-wrapper boundary drift

Browse Source
This commit is contained in:
Peter Steinberger
2026-03-07 23:40:05 +00:00
parent adf4eb487b
commit 2fc95a7cfc
4 changed files with 58 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/infra/exec-wrapper-resolution.ts
View File

@@ -509,7 +509,9 @@ function hasEnvManipulationBeforeShellWrapperInternal(
depth: number,
envManipulationSeen: boolean,
): boolean {
if (depth >= MAX_DISPATCH_WRAPPER_DEPTH) {
// The wrapper found exactly at the configured dispatch depth boundary still needs
// to participate in approval classification; only paths beyond that boundary fail closed.
if (depth > MAX_DISPATCH_WRAPPER_DEPTH) {
return false;
}
@@ -607,7 +609,9 @@ function extractShellWrapperCommandInternal(
rawCommand: string | null,
depth: number,
): ShellWrapperCommand {
if (depth >= MAX_DISPATCH_WRAPPER_DEPTH) {
// The shell wrapper reached at the boundary depth is still semantically relevant.
// Only deeper wrapper stacks should be dropped as overflow.
if (depth > MAX_DISPATCH_WRAPPER_DEPTH) {
return { isWrapper: false, command: null };
}