vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-04-30 02:22:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor: unify exec wrapper resolution and parity fixtures

Browse Source
This commit is contained in:
Peter Steinberger
2026-02-22 10:26:06 +01:00
parent f4dd0577b0
commit a96d89f343
9 changed files with 566 additions and 425 deletions
Download Patch File Download Diff File Expand all files Collapse all files

101
src/infra/exec-approvals-analysis.ts
View File

@@ -2,6 +2,7 @@ import fs from "node:fs";
import path from "node:path";
import { splitShellArgs } from "../utils/shell-argv.js";
import type { ExecAllowlistEntry } from "./exec-approvals.js";
import { unwrapDispatchWrappersForResolution } from "./exec-wrapper-resolution.js";
import { expandHomePrefix } from "./home-dir.js";
export const DEFAULT_SAFE_BINS = ["jq", "cut", "uniq", "head", "tail", "tr", "wc"];
@@ -12,106 +13,6 @@ export type CommandResolution = {
executableName: string;
};
const ENV_OPTIONS_WITH_VALUE = new Set([
"-u",
"--unset",
"-c",
"--chdir",
"-s",
"--split-string",
"--default-signal",
"--ignore-signal",
"--block-signal",
]);
const ENV_FLAG_OPTIONS = new Set(["-i", "--ignore-environment", "-0", "--null"]);
function basenameLower(token: string): string {
const win = path.win32.basename(token);
const posix = path.posix.basename(token);
const base = win.length < posix.length ? win : posix;
return base.trim().toLowerCase();
}
function isEnvAssignment(token: string): boolean {
return /^[A-Za-z_][A-Za-z0-9_]*=.*/.test(token);
}
function unwrapEnvInvocation(argv: string[]): string[] | null {
let idx = 1;
let expectsOptionValue = false;
while (idx < argv.length) {
const token = argv[idx]?.trim() ?? "";
if (!token) {
idx += 1;
continue;
}
if (expectsOptionValue) {
expectsOptionValue = false;
idx += 1;
continue;
}
if (token === "--" || token === "-") {
idx += 1;
break;
}
if (isEnvAssignment(token)) {
idx += 1;
continue;
}
if (token.startsWith("-") && token !== "-") {
const lower = token.toLowerCase();
const [flag] = lower.split("=", 2);
if (ENV_FLAG_OPTIONS.has(flag)) {
idx += 1;
continue;
}
if (ENV_OPTIONS_WITH_VALUE.has(flag)) {
if (!lower.includes("=")) {
expectsOptionValue = true;
}
idx += 1;
continue;
}
if (
lower.startsWith("-u") ||
lower.startsWith("-c") ||
lower.startsWith("-s") ||
lower.startsWith("--unset=") ||
lower.startsWith("--chdir=") ||
lower.startsWith("--split-string=") ||
lower.startsWith("--default-signal=") ||
lower.startsWith("--ignore-signal=") ||
lower.startsWith("--block-signal=")
) {
idx += 1;
continue;
}
return null;
}
break;
}
return idx < argv.length ? argv.slice(idx) : null;
}
function unwrapDispatchWrappersForResolution(argv: string[]): string[] {
let current = argv;
for (let depth = 0; depth < 4; depth += 1) {
const token0 = current[0]?.trim();
if (!token0) {
break;
}
if (basenameLower(token0) !== "env") {
break;
}
const unwrapped = unwrapEnvInvocation(current);
if (!unwrapped || unwrapped.length === 0) {
break;
}
current = unwrapped;
}
return current;
}
function isExecutableFile(filePath: string): boolean {
try {
const stat = fs.statSync(filePath);

34
src/infra/exec-approvals.test.ts
View File

@@ -53,6 +53,16 @@ type ShellParserParityFixture = {
cases: ShellParserParityFixtureCase[];
};
type WrapperResolutionParityFixtureCase = {
id: string;
argv: string[];
expectedRawExecutable: string | null;
};
type WrapperResolutionParityFixture = {
cases: WrapperResolutionParityFixtureCase[];
};
function loadShellParserParityFixtureCases(): ShellParserParityFixtureCase[] {
const fixturePath = path.join(
process.cwd(),
@@ -64,6 +74,19 @@ function loadShellParserParityFixtureCases(): ShellParserParityFixtureCase[] {
return fixture.cases;
}
function loadWrapperResolutionParityFixtureCases(): WrapperResolutionParityFixtureCase[] {
const fixturePath = path.join(
process.cwd(),
"test",
"fixtures",
"exec-wrapper-resolution-parity.json",
);
const fixture = JSON.parse(
fs.readFileSync(fixturePath, "utf8"),
) as WrapperResolutionParityFixture;
return fixture.cases;
}
describe("exec approvals allowlist matching", () => {
const baseResolution = {
rawExecutable: "rg",
@@ -447,6 +470,17 @@ describe("exec approvals shell parser parity fixture", () => {
}
});
describe("exec approvals wrapper resolution parity fixture", () => {
const fixtures = loadWrapperResolutionParityFixtureCases();
for (const fixture of fixtures) {
it(`matches wrapper fixture: ${fixture.id}`, () => {
const resolution = resolveCommandResolutionFromArgv(fixture.argv);
expect(resolution?.rawExecutable ?? null).toBe(fixture.expectedRawExecutable);
});
}
});
describe("exec approvals shell allowlist (chained commands)", () => {
it("evaluates chained command allowlist scenarios", () => {
const cases: Array<{

242
src/infra/exec-wrapper-resolution.ts Normal file
View File

@@ -0,0 +1,242 @@
import path from "node:path";
export const MAX_DISPATCH_WRAPPER_DEPTH = 4;
export const POSIX_SHELL_WRAPPERS = new Set(["ash", "bash", "dash", "fish", "ksh", "sh", "zsh"]);
export const WINDOWS_CMD_WRAPPERS = new Set(["cmd.exe", "cmd"]);
export const POWERSHELL_WRAPPERS = new Set(["powershell", "powershell.exe", "pwsh", "pwsh.exe"]);
const POSIX_INLINE_COMMAND_FLAGS = new Set(["-lc", "-c", "--command"]);
const POWERSHELL_INLINE_COMMAND_FLAGS = new Set(["-c", "-command", "--command"]);
const ENV_OPTIONS_WITH_VALUE = new Set([
"-u",
"--unset",
"-c",
"--chdir",
"-s",
"--split-string",
"--default-signal",
"--ignore-signal",
"--block-signal",
]);
const ENV_FLAG_OPTIONS = new Set(["-i", "--ignore-environment", "-0", "--null"]);
type ShellWrapperKind = "posix" | "cmd" | "powershell";
type ShellWrapperSpec = {
kind: ShellWrapperKind;
names: ReadonlySet<string>;
};
const SHELL_WRAPPER_SPECS: ReadonlyArray<ShellWrapperSpec> = [
{ kind: "posix", names: POSIX_SHELL_WRAPPERS },
{ kind: "cmd", names: WINDOWS_CMD_WRAPPERS },
{ kind: "powershell", names: POWERSHELL_WRAPPERS },
];
export type ShellWrapperCommand = {
isWrapper: boolean;
command: string | null;
};
export function basenameLower(token: string): string {
const win = path.win32.basename(token);
const posix = path.posix.basename(token);
const base = win.length < posix.length ? win : posix;
return base.trim().toLowerCase();
}
function normalizeRawCommand(rawCommand?: string | null): string | null {
const trimmed = rawCommand?.trim() ?? "";
return trimmed.length > 0 ? trimmed : null;
}
function findShellWrapperSpec(baseExecutable: string): ShellWrapperSpec | null {
for (const spec of SHELL_WRAPPER_SPECS) {
if (spec.names.has(baseExecutable)) {
return spec;
}
}
return null;
}
export function isEnvAssignment(token: string): boolean {
return /^[A-Za-z_][A-Za-z0-9_]*=.*/.test(token);
}
export function unwrapEnvInvocation(argv: string[]): string[] | null {
let idx = 1;
let expectsOptionValue = false;
while (idx < argv.length) {
const token = argv[idx]?.trim() ?? "";
if (!token) {
idx += 1;
continue;
}
if (expectsOptionValue) {
expectsOptionValue = false;
idx += 1;
continue;
}
if (token === "--" || token === "-") {
idx += 1;
break;
}
if (isEnvAssignment(token)) {
idx += 1;
continue;
}
if (token.startsWith("-") && token !== "-") {
const lower = token.toLowerCase();
const [flag] = lower.split("=", 2);
if (ENV_FLAG_OPTIONS.has(flag)) {
idx += 1;
continue;
}
if (ENV_OPTIONS_WITH_VALUE.has(flag)) {
if (!lower.includes("=")) {
expectsOptionValue = true;
}
idx += 1;
continue;
}
if (
lower.startsWith("-u") ||
lower.startsWith("-c") ||
lower.startsWith("-s") ||
lower.startsWith("--unset=") ||
lower.startsWith("--chdir=") ||
lower.startsWith("--split-string=") ||
lower.startsWith("--default-signal=") ||
lower.startsWith("--ignore-signal=") ||
lower.startsWith("--block-signal=")
) {
idx += 1;
continue;
}
return null;
}
break;
}
return idx < argv.length ? argv.slice(idx) : null;
}
export function unwrapDispatchWrappersForResolution(
argv: string[],
maxDepth = MAX_DISPATCH_WRAPPER_DEPTH,
): string[] {
let current = argv;
for (let depth = 0; depth < maxDepth; depth += 1) {
const token0 = current[0]?.trim();
if (!token0) {
break;
}
if (basenameLower(token0) !== "env") {
break;
}
const unwrapped = unwrapEnvInvocation(current);
if (!unwrapped || unwrapped.length === 0) {
break;
}
current = unwrapped;
}
return current;
}
function extractPosixShellInlineCommand(argv: string[]): string | null {
const flag = argv[1]?.trim();
if (!flag) {
return null;
}
if (!POSIX_INLINE_COMMAND_FLAGS.has(flag.toLowerCase())) {
return null;
}
const cmd = argv[2]?.trim();
return cmd ? cmd : null;
}
function extractCmdInlineCommand(argv: string[]): string | null {
const idx = argv.findIndex((item) => item.trim().toLowerCase() === "/c");
if (idx === -1) {
return null;
}
const tail = argv.slice(idx + 1);
if (tail.length === 0) {
return null;
}
const cmd = tail.join(" ").trim();
return cmd.length > 0 ? cmd : null;
}
function extractPowerShellInlineCommand(argv: string[]): string | null {
for (let i = 1; i < argv.length; i += 1) {
const token = argv[i]?.trim();
if (!token) {
continue;
}
const lower = token.toLowerCase();
if (lower === "--") {
break;
}
if (POWERSHELL_INLINE_COMMAND_FLAGS.has(lower)) {
const cmd = argv[i + 1]?.trim();
return cmd ? cmd : null;
}
}
return null;
}
function extractShellWrapperPayload(argv: string[], spec: ShellWrapperSpec): string | null {
switch (spec.kind) {
case "posix":
return extractPosixShellInlineCommand(argv);
case "cmd":
return extractCmdInlineCommand(argv);
case "powershell":
return extractPowerShellInlineCommand(argv);
}
}
function extractShellWrapperCommandInternal(
argv: string[],
rawCommand: string | null,
depth: number,
): ShellWrapperCommand {
if (depth >= MAX_DISPATCH_WRAPPER_DEPTH) {
return { isWrapper: false, command: null };
}
const token0 = argv[0]?.trim();
if (!token0) {
return { isWrapper: false, command: null };
}
const base0 = basenameLower(token0);
if (base0 === "env") {
const unwrapped = unwrapEnvInvocation(argv);
if (!unwrapped) {
return { isWrapper: false, command: null };
}
return extractShellWrapperCommandInternal(unwrapped, rawCommand, depth + 1);
}
const wrapper = findShellWrapperSpec(base0);
if (!wrapper) {
return { isWrapper: false, command: null };
}
const payload = extractShellWrapperPayload(argv, wrapper);
if (!payload) {
return { isWrapper: false, command: null };
}
return { isWrapper: true, command: rawCommand ?? payload };
}
export function extractShellWrapperCommand(
argv: string[],
rawCommand?: string | null,
): ShellWrapperCommand {
return extractShellWrapperCommandInternal(argv, normalizeRawCommand(rawCommand), 0);
}

163
src/infra/system-run-command.ts
View File

@@ -1,4 +1,4 @@
import path from "node:path";
import { extractShellWrapperCommand } from "./exec-wrapper-resolution.js";
export type SystemRunCommandValidation =
| {
@@ -26,163 +26,6 @@ export type ResolvedSystemRunCommand =
details?: Record<string, unknown>;
};
function basenameLower(token: string): string {
const win = path.win32.basename(token);
const posix = path.posix.basename(token);
const base = win.length < posix.length ? win : posix;
return base.trim().toLowerCase();
}
const POSIX_SHELL_WRAPPERS = new Set(["ash", "bash", "dash", "fish", "ksh", "sh", "zsh"]);
const WINDOWS_CMD_WRAPPERS = new Set(["cmd.exe", "cmd"]);
const POWERSHELL_WRAPPERS = new Set(["powershell", "powershell.exe", "pwsh", "pwsh.exe"]);
const ENV_OPTIONS_WITH_VALUE = new Set([
"-u",
"--unset",
"-c",
"--chdir",
"-s",
"--split-string",
"--default-signal",
"--ignore-signal",
"--block-signal",
]);
const ENV_FLAG_OPTIONS = new Set(["-i", "--ignore-environment", "-0", "--null"]);
function isEnvAssignment(token: string): boolean {
return /^[A-Za-z_][A-Za-z0-9_]*=.*/.test(token);
}
function unwrapEnvInvocation(argv: string[]): string[] | null {
let idx = 1;
let expectsOptionValue = false;
while (idx < argv.length) {
const token = argv[idx]?.trim() ?? "";
if (!token) {
idx += 1;
continue;
}
if (expectsOptionValue) {
expectsOptionValue = false;
idx += 1;
continue;
}
if (token === "--" || token === "-") {
idx += 1;
break;
}
if (isEnvAssignment(token)) {
idx += 1;
continue;
}
if (token.startsWith("-") && token !== "-") {
const lower = token.toLowerCase();
const [flag] = lower.split("=", 2);
if (ENV_FLAG_OPTIONS.has(flag)) {
idx += 1;
continue;
}
if (ENV_OPTIONS_WITH_VALUE.has(flag)) {
if (!lower.includes("=")) {
expectsOptionValue = true;
}
idx += 1;
continue;
}
if (
lower.startsWith("-u") ||
lower.startsWith("-c") ||
lower.startsWith("-s") ||
lower.startsWith("--unset=") ||
lower.startsWith("--chdir=") ||
lower.startsWith("--split-string=") ||
lower.startsWith("--default-signal=") ||
lower.startsWith("--ignore-signal=") ||
lower.startsWith("--block-signal=")
) {
idx += 1;
continue;
}
return null;
}
break;
}
return idx < argv.length ? argv.slice(idx) : null;
}
function extractPosixShellInlineCommand(argv: string[]): string | null {
const flag = argv[1]?.trim();
if (!flag) {
return null;
}
const lower = flag.toLowerCase();
if (lower !== "-lc" && lower !== "-c" && lower !== "--command") {
return null;
}
const cmd = argv[2]?.trim();
return cmd ? cmd : null;
}
function extractCmdInlineCommand(argv: string[]): string | null {
const idx = argv.findIndex((item) => String(item).trim().toLowerCase() === "/c");
if (idx === -1) {
return null;
}
const tail = argv.slice(idx + 1).map((item) => String(item));
if (tail.length === 0) {
return null;
}
const cmd = tail.join(" ").trim();
return cmd.length > 0 ? cmd : null;
}
function extractPowerShellInlineCommand(argv: string[]): string | null {
for (let i = 1; i < argv.length; i += 1) {
const token = argv[i]?.trim();
if (!token) {
continue;
}
const lower = token.toLowerCase();
if (lower === "--") {
break;
}
if (lower === "-c" || lower === "-command" || lower === "--command") {
const cmd = argv[i + 1]?.trim();
return cmd ? cmd : null;
}
}
return null;
}
function extractShellCommandFromArgvInternal(argv: string[], depth: number): string | null {
if (depth >= 4) {
return null;
}
const token0 = argv[0]?.trim();
if (!token0) {
return null;
}
const base0 = basenameLower(token0);
if (base0 === "env") {
const unwrapped = unwrapEnvInvocation(argv);
if (!unwrapped) {
return null;
}
return extractShellCommandFromArgvInternal(unwrapped, depth + 1);
}
if (POSIX_SHELL_WRAPPERS.has(base0)) {
return extractPosixShellInlineCommand(argv);
}
if (WINDOWS_CMD_WRAPPERS.has(base0)) {
return extractCmdInlineCommand(argv);
}
if (POWERSHELL_WRAPPERS.has(base0)) {
return extractPowerShellInlineCommand(argv);
}
return null;
}
export function formatExecCommand(argv: string[]): string {
return argv
.map((arg) => {
@@ -200,7 +43,7 @@ export function formatExecCommand(argv: string[]): string {
}
export function extractShellCommandFromArgv(argv: string[]): string | null {
return extractShellCommandFromArgvInternal(argv, 0);
return extractShellWrapperCommand(argv).command;
}
export function validateSystemRunCommandConsistency(params: {
@@ -211,7 +54,7 @@ export function validateSystemRunCommandConsistency(params: {
typeof params.rawCommand === "string" && params.rawCommand.trim().length > 0
? params.rawCommand.trim()
: null;
const shellCommand = extractShellCommandFromArgv(params.argv);
const shellCommand = extractShellWrapperCommand(params.argv).command;
const inferred = shellCommand !== null ? shellCommand.trim() : formatExecCommand(params.argv);
if (raw && raw !== inferred) {