sanebox: handle --flag=path style of autodetected paths

2024-05-28 03:04:02 +00:00 · 2024-05-28 03:04:02 +00:00 · dcedb8d3f0
commit dcedb8d3f0
parent 8586db59f1
2 changed files with 22 additions and 6 deletions
--- a/hosts/common/programs/assorted.nix
+++ b/hosts/common/programs/assorted.nix
@ -511,7 +511,6 @@ in
      ".persist/plaintext"
    ];

-    # sed: there is an edgecase of `--file=<foo>`, wherein `foo` won't be whitelisted.
    gnused.sandbox.method = "bwrap";
    gnused.sandbox.autodetectCliPaths = "existingFile";
    gnused.sandbox.whitelistPwd = true;  #< `-i` flag creates a temporary file in pwd (?) and then moves it.
--- a/pkgs/additional/sanebox/sanebox
+++ b/pkgs/additional/sanebox/sanebox
@ -403,6 +403,8 @@ tryPath() {
 tryArgAsPath() {
  local arg=$1
  local how=$2
+  # norecurseFlag is used internally by this function when it recurses
+  local norecurseFlag=$3
  local path=
  case $arg in
    (/*)
@ -416,12 +418,27 @@ tryArgAsPath() {
      urldecode _path "${arg:7}"
      path=$_path
      ;;
-    (-*)
-      # 99% chance it's a CLI argument. if not, use `./-<...>`
-      return
-      ;;
    (*)
-      # assume relative path
+      # could be a CLI argument or a relative path
+      # want to handle:
+      # - `--file=$path`
+      # - `file=$path`
+      # - `$path`
+      if [ -z "$norecurseFlag" ]; then
+        local pathInFlag=${arg#*=}
+        if [ "$pathInFlag" != "$arg" ]; then
+          tryArgAsPath "$pathInFlag" "$how" --norecurse
+          # 0.01% chance this was a path which contained an equal sign and not a flag, but don't handle that for now:
+          return
+        fi
+      fi
+
+      if [ "${arg:0:1}" = "-" ]; then
+        # 99% chance it's a CLI argument. if not, use `./-<...>`
+        return
+      fi
+
+      # try it as a relative path
      path=$PWD/$arg
      ;;
  esac