core: resolve host_executable() rules during preflight

2026-05-03 10:56:37 +00:00 · 2026-02-28 09:01:03 -08:00
parent 74e5150b1e
commit f38077e765
3 changed files with 175 additions and 7 deletions
--- a/codex-rs/shell-command/src/command_safety/is_dangerous_command.rs
+++ b/codex-rs/shell-command/src/command_safety/is_dangerous_command.rs
@@ -1,4 +1,5 @@
 use crate::bash::parse_shell_lc_plain_commands;
+use std::path::Path;
 #[cfg(windows)]
 #[path = "windows_dangerous_commands.rs"]
 mod windows_dangerous_commands;
@@ -52,6 +53,32 @@ fn is_git_global_option_with_inline_value(arg: &str) -> bool {
    ) || ((arg.starts_with("-C") || arg.starts_with("-c")) && arg.len() > 2)
 }

+pub(crate) fn executable_name_lookup_key(raw: &str) -> Option<String> {
+    #[cfg(windows)]
+    {
+        Path::new(raw)
+            .file_name()
+            .and_then(|name| name.to_str())
+            .map(|name| {
+                let name = name.to_ascii_lowercase();
+                for suffix in [".exe", ".cmd", ".bat", ".com"] {
+                    if let Some(stripped) = name.strip_suffix(suffix) {
+                        return stripped.to_string();
+                    }
+                }
+                name
+            })
+    }
+
+    #[cfg(not(windows))]
+    {
+        Path::new(raw)
+            .file_name()
+            .and_then(|name| name.to_str())
+            .map(std::borrow::ToOwned::to_owned)
+    }
+}
+
 /// Find the first matching git subcommand, skipping known global options that
 /// may appear before it (e.g., `-C`, `-c`, `--git-dir`).
 ///
@@ -61,7 +88,7 @@ pub(crate) fn find_git_subcommand<'a>(
    subcommands: &[&str],
 ) -> Option<(usize, &'a str)> {
    let cmd0 = command.first().map(String::as_str)?;
-    if !cmd0.ends_with("git") {
+    if executable_name_lookup_key(cmd0).as_deref() != Some("git") {
        return None;
    }

--- a/codex-rs/shell-command/src/command_safety/is_safe_command.rs
+++ b/codex-rs/shell-command/src/command_safety/is_safe_command.rs
@@ -1,4 +1,5 @@
 use crate::bash::parse_shell_lc_plain_commands;
+use crate::command_safety::is_dangerous_command::executable_name_lookup_key;
 // Find the first matching git subcommand, skipping known global options that
 // may appear before it (e.g., `-C`, `-c`, `--git-dir`).
 // Implemented in `is_dangerous_command` and shared here.
@@ -47,10 +48,7 @@ fn is_safe_to_call_with_exec(command: &[String]) -> bool {
        return false;
    };

-    match std::path::Path::new(&cmd0)
-        .file_name()
-        .and_then(|osstr| osstr.to_str())
-    {
+    match executable_name_lookup_key(cmd0).as_deref() {
        Some(cmd) if cfg!(target_os = "linux") && matches!(cmd, "numfmt" | "tac") => true,

        #[rustfmt::skip]
@@ -495,6 +493,18 @@ mod tests {
        ])));
    }

+    #[test]
+    fn windows_git_full_path_is_safe() {
+        if !cfg!(windows) {
+            return;
+        }
+
+        assert!(is_known_safe_command(&vec_str(&[
+            r"C:\Program Files\Git\cmd\git.exe",
+            "status",
+        ])));
+    }
+
    #[test]
    fn bash_lc_safe_examples() {
        assert!(is_known_safe_command(&vec_str(&["bash", "-lc", "ls"])));