fix(node-host): sync rawCommand with hardened argv after executable path pinning (#33137)

Merged via squash. Prepared head SHA: a7987905f7 Co-authored-by: Sid-Qin <201593046+Sid-Qin@users.noreply.github.com> Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com> Reviewed-by: @gumadeiras
2026-06-07 22:09:57 +00:00 · 2026-03-05 00:30:33 +08:00
parent 4fb40497d4
commit c8ebd48e0f
4 changed files with 77 additions and 2 deletions
--- a/src/node-host/invoke-system-run-plan.ts
+++ b/src/node-host/invoke-system-run-plan.ts
@@ -3,7 +3,7 @@ import path from "node:path";
 import type { SystemRunApprovalPlan } from "../infra/exec-approvals.js";
 import { resolveCommandResolutionFromArgv } from "../infra/exec-command-resolution.js";
 import { sameFileIdentity } from "../infra/file-identity.js";
-import { resolveSystemRunCommand } from "../infra/system-run-command.js";
+import { formatExecCommand, resolveSystemRunCommand } from "../infra/system-run-command.js";

 export type ApprovedCwdSnapshot = {
  cwd: string;
@@ -144,6 +144,7 @@ export function hardenApprovedExecutionPaths(params: {
  | {
      ok: true;
      argv: string[];
+      argvChanged: boolean;
      cwd: string | undefined;
      approvedCwdSnapshot: ApprovedCwdSnapshot | undefined;
    }
@@ -152,6 +153,7 @@ export function hardenApprovedExecutionPaths(params: {
    return {
      ok: true,
      argv: params.argv,
+      argvChanged: false,
      cwd: params.cwd,
      approvedCwdSnapshot: undefined,
    };
@@ -172,6 +174,7 @@ export function hardenApprovedExecutionPaths(params: {
    return {
      ok: true,
      argv: params.argv,
+      argvChanged: false,
      cwd: hardenedCwd,
      approvedCwdSnapshot,
    };
@@ -190,6 +193,7 @@ export function hardenApprovedExecutionPaths(params: {
    return {
      ok: true,
      argv: params.argv,
+      argvChanged: false,
      cwd: hardenedCwd,
      approvedCwdSnapshot,
    };
@@ -203,11 +207,22 @@ export function hardenApprovedExecutionPaths(params: {
    };
  }

+  if (pinnedExecutable === params.argv[0]) {
+    return {
+      ok: true,
+      argv: params.argv,
+      argvChanged: false,
+      cwd: hardenedCwd,
+      approvedCwdSnapshot,
+    };
+  }
+
  const argv = [...params.argv];
  argv[0] = pinnedExecutable;
  return {
    ok: true,
    argv,
+    argvChanged: true,
    cwd: hardenedCwd,
    approvedCwdSnapshot,
  };
@@ -239,12 +254,15 @@ export function buildSystemRunApprovalPlan(params: {
  if (!hardening.ok) {
    return { ok: false, message: hardening.message };
  }
+  const rawCommand = hardening.argvChanged
+    ? formatExecCommand(hardening.argv) || null
+    : command.cmdText.trim() || null;
  return {
    ok: true,
    plan: {
      argv: hardening.argv,
      cwd: hardening.cwd ?? null,
-      rawCommand: command.cmdText.trim() || null,
+      rawCommand,
      agentId: normalizeString(params.agentId),
      sessionKey: normalizeString(params.sessionKey),
    },