vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-04-12 17:51:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(daemon): sanitize launchd handoff label errors

Browse Source
This commit is contained in:
Peter Steinberger
2026-04-10 21:08:35 +01:00
parent 4d2fdb9f71
commit 8c6d231dba
2 changed files with 6 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/daemon/launchd-restart-handoff.test.ts
View File

@@ -67,15 +67,15 @@ describe("scheduleDetachedLaunchdRestartHandoff", () => {
});
it("rejects invalid launchd labels before spawning the helper", () => {
expect(() =>
expect(() => {
scheduleDetachedLaunchdRestartHandoff({
env: {
HOME: "/Users/test",
OPENCLAW_LAUNCHD_LABEL: "../evil/label",
OPENCLAW_LAUNCHD_LABEL: "../evil/\n\u001b[31mlabel\u001b[0m",
},
mode: "kickstart",
}),
).toThrow("Invalid launchd label");
});
}).toThrow("Invalid launchd label: ../evil/label");
expect(spawnMock).not.toHaveBeenCalled();
});
});

3
src/daemon/launchd-restart-handoff.ts
View File

@@ -3,6 +3,7 @@ import os from "node:os";
import path from "node:path";
import { formatErrorMessage } from "../infra/errors.js";
import { normalizeOptionalString } from "../shared/string-coerce.js";
import { sanitizeForLog } from "../terminal/ansi.js";
import { resolveGatewayLaunchAgentLabel } from "./constants.js";
export type LaunchdRestartHandoffMode = "kickstart" | "start-after-exit";
@@ -23,7 +24,7 @@ export type LaunchdRestartTarget = {
function assertValidLaunchAgentLabel(label: string): string {
const trimmed = label.trim();
if (!/^[A-Za-z0-9._-]+$/.test(trimmed)) {
throw new Error(`Invalid launchd label: ${trimmed}`);
throw new Error(`Invalid launchd label: ${sanitizeForLog(trimmed)}`);
}
return trimmed;
}