vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-26 12:15:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

Harden macOS shell wrapper allowlist parsing [AI] (#78518)

Browse Source 
* fix: harden shell wrapper allowlist parsing

* fix: harden shell wrapper approval binding

* docs: add changelog entry for PR merge

---------

Co-authored-by: Ishaan <ishaan@Ishaans-Mac-mini.local>
This commit is contained in:
Pavan Kumar Gondhi
2026-05-08 10:18:41 +05:30
committed by GitHub
parent eabae023eb
commit fc065b2693
23 changed files with 1200 additions and 204 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
src/infra/command-explainer/extract.ts
View File

@@ -10,6 +10,7 @@ import {
import { normalizeExecutableToken } from "../exec-wrapper-resolution.js";
import {
extractShellWrapperCommand,
extractShellWrapperInlineCommand,
isShellWrapperExecutable,
POSIX_SHELL_WRAPPERS,
resolveShellWrapperTransportArgv,
@@ -876,14 +877,11 @@ function shellWrapperPayloadForParsing(
dynamicArguments: DynamicArgument[],
): { command: string; spanBase: SpanBase } | null {
const shellWrapper = extractShellWrapperCommand(argv);
if (
!shellWrapper.isWrapper ||
!shellWrapper.command ||
isDynamicPayload(shellWrapper.command, dynamicArguments)
) {
const payload = shellWrapper.command ?? extractShellWrapperInlineCommand(argv);
if (!shellWrapper.isWrapper || !payload || isDynamicPayload(payload, dynamicArguments)) {
return null;
}
const spanBase = payloadBaseFromArguments(shellWrapper.command, argumentsList);
const spanBase = payloadBaseFromArguments(payload, argumentsList);
if (!spanBase) {
return null;
}
@@ -892,7 +890,7 @@ function shellWrapperPayloadForParsing(
if (!canParseShellWrapperPayload(transportArgv, commandFlag?.flag ?? null)) {
return null;
}
return { command: shellWrapper.command, spanBase };
return { command: payload, spanBase };
}
type InlineEvalHit = InterpreterInlineEvalHit;
@@ -947,7 +945,8 @@ function recordCommandRisks(
}
const shellWrapper = extractShellWrapperCommand(argv);
if (shellWrapper.isWrapper && shellWrapper.command) {
const shellWrapperPayload = shellWrapper.command ?? extractShellWrapperInlineCommand(argv);
if (shellWrapper.isWrapper && shellWrapperPayload) {
const transportArgv = resolveShellWrapperTransportArgv(argv) ?? argv;
const shellExecutable = transportArgv[0] ?? executable;
const commandFlag = shellCommandFlag(transportArgv, 1) ?? shellCommandFlag(argv, 1);
@@ -956,7 +955,7 @@ function recordCommandRisks(
kind: "shell-wrapper",
executable: shellExecutable,
flag: commandFlag?.flag ?? "-c",
payload: shellWrapper.command,
payload: shellWrapperPayload,
text,
span,
});