Ayuriel/openclaw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor(macos): tighten wrapper resolution follow-ups

Browse Source
This commit is contained in:
Nimrod Gutman 2026-03-19 15:20:20 +02:00
parent fbbf389359
commit e4b70ea497
2 changed files with 19 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
apps/macos/Sources/OpenClaw/ExecWrapperResolution.swift
View File

@ -361,7 +361,7 @@ enum ExecWrapperResolution {
var idx = 1 var idx = 1
var expectsOptionValue = false var expectsOptionValue = false
while idx < argv.count { scanLoop: while idx < argv.count {
let token = argv[idx].trimmingCharacters(in: .whitespacesAndNewlines) let token = argv[idx].trimmingCharacters(in: .whitespacesAndNewlines)
if token.isEmpty { if token.isEmpty {
idx += 1 idx += 1
@ -380,7 +380,7 @@ enum ExecWrapperResolution {
let directive = onToken(token, token.lowercased()) let directive = onToken(token, token.lowercased())
switch directive { switch directive {
case .stop: case .stop:
break break scanLoop
case .invalid: case .invalid:
return nil return nil
case .consumeNext: case .consumeNext:
@ -388,10 +388,6 @@ enum ExecWrapperResolution {
case .continueScan: case .continueScan:
break break
} }
if directive == .stop {
break
}
idx += 1 idx += 1
} }

17
apps/macos/Tests/OpenClawIPCTests/ExecAllowlistTests.swift
View File

@ -273,6 +273,23 @@ struct ExecAllowlistTests {
#expect(resolutions[1].executableName == "whoami") #expect(resolutions[1].executableName == "whoami")
} }
@Test func `resolve for allowlist resolves blocked busybox applets to busybox itself`() throws {
let tmp = try makeTempDirForTests()
let busybox = tmp.appendingPathComponent("busybox")
try makeExecutableForTests(at: busybox)
let resolutions = ExecCommandResolution.resolveForAllowlist(
command: [busybox.path, "sed", "-n", "1p"],
rawCommand: nil,
cwd: tmp.path,
env: ["PATH": "\(tmp.path):/usr/bin:/bin"])
#expect(resolutions.count == 1)
#expect(resolutions[0].rawExecutable == busybox.path)
#expect(resolutions[0].resolvedPath == busybox.path)
#expect(resolutions[0].executableName == "busybox")
}
@Test func `resolve for allowlist unwraps dispatch wrappers before shell wrappers`() throws { @Test func `resolve for allowlist unwraps dispatch wrappers before shell wrappers`() throws {
let tmp = try makeTempDirForTests() let tmp = try makeTempDirForTests()
let whoami = tmp.appendingPathComponent("whoami") let whoami = tmp.appendingPathComponent("whoami")