initial commit#1
Conversation
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: a720867c4c
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| fmt.Fprintln(r.stderr, err) | ||
| return ExitStatus(2) | ||
| } | ||
| r.exit = exitStatus{} |
There was a problem hiding this comment.
If Reset cannot open an allowed root (for example, the directory is deleted or permissions change after New), it sets a fatal exit and returns before installing the wrapped open/readdir/exec handlers; Run then immediately clears that state with r.exit = exitStatus{} and continues. In that state the runner can execute with default unrestricted file handlers instead of denying access, so a transient AllowedPaths setup failure becomes a sandbox bypass rather than a hard failure.
Useful? React with 👍 / 👎.
| callCtx.Errf("%s: too many arguments\n", name) | ||
| return Result{Code: 1, BreakN: 1} |
There was a problem hiding this comment.
For break/continue with too many operands, this returns {Code: 1, BreakN: 1} without setting Exiting, so scripts keep running statements after the loop (e.g. for i in 1; do break 1 2; done; echo after). In non-interactive bash this error is fatal for the shell, so continuing execution here can change control flow and mask loop-control argument errors.
Useful? React with 👍 / 👎.
| if r.execHandler == nil { | ||
| r.execHandler = noExecHandler() | ||
| } |
There was a problem hiding this comment.
This path always installs noExecHandler when execHandler is unset, and there is no public RunnerOption in this package to set a non-default exec handler from outside interp. That makes the advertised external-command opt-in path unreachable for library consumers, so all non-builtin commands are permanently blocked even when callers need to enable a constrained executor.
Useful? React with 👍 / 👎.
1 participant
No description provided.