Skip to content

Fix execpolicy parsing for multiline quoted args#9565

Merged
bolinfest merged 8 commits intoopenai:mainfrom
jdsalasca:fix/execpolicy-multiline-string
Jan 23, 2026
Merged

Fix execpolicy parsing for multiline quoted args#9565
bolinfest merged 8 commits intoopenai:mainfrom
jdsalasca:fix/execpolicy-multiline-string

Conversation

@jdsalasca
Copy link
Contributor

@jdsalasca jdsalasca commented Jan 21, 2026
edited
Loading

What

Fix bash command parsing to accept double-quoted strings that contain literal newlines so execpolicy can match allow rules.

Why

Allow rules like [git, commit] should still match when commit messages include a newline in a quoted argument; the parser currently rejects these strings and falls back to the outer shell invocation.

How

  • Validate double-quoted strings by ensuring all named children are string_content and then stripping the outer quotes from the raw node text so embedded newlines are preserved.
  • Reuse the helper for concatenated arguments.
  • Ensure large SI suffix formatting uses the caller-provided locale formatter for grouping.
  • Add coverage for newline-containing quoted arguments.

Fixes #9541.

Tests

  • cargo test -p codex-core
  • just fix -p codex-core
  • cargo test -p codex-protocol
  • just fix -p codex-protocol
  • cargo test --all-features

@etraut-openai
Copy link
Collaborator

etraut-openai commented Jan 21, 2026

@codex review

@chatgpt-codex-connector
Copy link
Contributor

chatgpt-codex-connector bot commented Jan 21, 2026

Codex Review: Didn't find any major issues. Breezy!

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

bolinfest
bolinfest reviewed Jan 22, 2026
View reviewed changes
codex-rs/core/src/bash.rs Outdated
try_parse_word_only_commands_sequence(&tree, script)
}

fn parse_double_quoted_string(node: Node, src: &str) -> Option<String> {
Copy link
Collaborator

@bolinfest bolinfest Jan 22, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We generally declare utility support functions below public/primary library functions (particularly if they are well-named), so can you please move this down?

codex-rs/core/src/bash.rs

#[test]
fn accepts_double_quoted_strings_with_newlines() {
let cmds = parse_seq("git commit -m \"line1\nline2\"").unwrap();
Copy link
Collaborator

@bolinfest bolinfest Jan 22, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

parse_double_quoted_string() could use more tests. I would like to verify that things like env vars embedded in double quoted strings are rejected.

I would also like to see if this covers examples like:

"/usr"'/'"local"/bin

where mixed quote types are used.

codex-rs/protocol/src/num_format.rs Outdated
/// for en-US).
pub fn format_with_separators(n: i64) -> String {
formatter().format(&Decimal::from(n)).to_string()
format_with_separators_with_formatter(n, formatter())
Copy link
Collaborator

@bolinfest bolinfest Jan 22, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is unrelated to the bash.rs change, no?

@etraut-openai etraut-openai added the needs-response Additional information is requested label Jan 22, 2026
@jdsalasca
Copy link
Contributor Author

jdsalasca commented Jan 23, 2026

Addressed review feedback: moved the quote-parsing helpers below the public entry points, added tests for double-quoted expansions and mixed-quote concatenation, and dropped the unrelated num_format change.

bolinfest
bolinfest approved these changes Jan 23, 2026
View reviewed changes
Copy link
Collaborator

@bolinfest bolinfest left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice job: tysm!

@bolinfest bolinfest merged commit f815fa1 into openai:main Jan 23, 2026
26 of 32 checks passed
@github-actions github-actions bot locked and limited conversation to collaborators Jan 23, 2026
@bolinfest
Copy link
Collaborator

bolinfest commented Jan 23, 2026

FYI, I made some small fixes in #9745 that I didn't think were worth another round of code review.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@bolinfest bolinfest bolinfest approved these changes

Assignees

No one assigned

Labels

needs-response Additional information is requested

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

execpolicy allow rules fail when a quoted argument contains a literal newline

3 participants

@jdsalasca @etraut-openai @bolinfest