fix: block commands that exceed recursion depth

kenryu42 · kenryu42 · commit b2eed5e82b26 · 2026-01-14T02:59:24.000+09:00
Previously, commands exceeding MAX_RECURSION_DEPTH returned null which
allowed them through. Now they are blocked with a clear reason message.
Also increases MAX_RECURSION_DEPTH from 5 to 10 to handle more deeply
nested shell wrapper commands.
diff --git a/src/core/analyze/analyze-command.ts b/src/core/analyze/analyze-command.ts
@@ -13,6 +13,9 @@ import { analyzeSegment, segmentChangesCwd } from './segment.ts';
 const REASON_STRICT_UNPARSEABLE =
   'Command could not be safely analyzed (strict mode). Verify manually.';
 
+const REASON_RECURSION_LIMIT =
+  'Command exceeds maximum recursion depth and cannot be safely analyzed.';
+
 export type InternalOptions = AnalyzeOptions & { config: Config };
 
 export function analyzeCommandInternal(
@@ -21,7 +24,7 @@ export function analyzeCommandInternal(
   options: InternalOptions,
 ): AnalyzeResult | null {
   if (depth >= MAX_RECURSION_DEPTH) {
-    return null;
+    return { reason: REASON_RECURSION_LIMIT, segment: command };
   }
 
   const segments = splitShellCommands(command);
diff --git a/src/types.ts b/src/types.ts
@@ -116,7 +116,7 @@ export interface AuditLogEntry {
 }
 
 /** Constants */
-export const MAX_RECURSION_DEPTH = 5;
+export const MAX_RECURSION_DEPTH = 10;
 export const MAX_STRIP_ITERATIONS = 20;
 
 export const NAME_PATTERN = /^[a-zA-Z][a-zA-Z0-9_-]{0,63}$/;
diff --git a/tests/edge-cases.test.ts b/tests/edge-cases.test.ts
@@ -643,13 +643,12 @@ describe('edge cases', () => {
   });
 
   describe('recursion', () => {
-    test('shell dash c recursion limit reached returns null', () => {
+    test('shell dash c recursion limit reached blocks command', () => {
       let cmd = 'rm -rf /some/path';
-      for (let i = 0; i < 6; i++) {
+      for (let i = 0; i < 11; i++) {
         cmd = `bash -c ${JSON.stringify(cmd)}`;
       }
-      const result = runGuard(cmd);
-      expect(result).toBeNull();
+      assertBlocked(cmd, 'recursion');
     });
   });
 
@@ -714,23 +713,20 @@ describe('edge cases', () => {
   });
 
   describe('recursion depth boundary', () => {
-    test('shell dash c recursion at exactly MAX_RECURSION_DEPTH (5) returns null', () => {
+    test('shell dash c recursion at exactly MAX_RECURSION_DEPTH (10) blocks', () => {
       let cmd = 'rm -rf /some/path';
-      for (let i = 0; i < 5; i++) {
+      for (let i = 0; i < 10; i++) {
         cmd = `bash -c ${JSON.stringify(cmd)}`;
       }
-      const result = runGuard(cmd);
-      expect(result).toBeNull();
+      assertBlocked(cmd, 'recursion');
     });
 
-    test('shell dash c recursion at depth 4 still blocks', () => {
+    test('shell dash c recursion at depth 9 still blocks with rm reason', () => {
       let cmd = 'rm -rf /some/path';
-      for (let i = 0; i < 4; i++) {
+      for (let i = 0; i < 9; i++) {
         cmd = `bash -c ${JSON.stringify(cmd)}`;
       }
-      const result = runGuard(cmd);
-      expect(result).not.toBeNull();
-      expect(result).toContain('rm -rf');
+      assertBlocked(cmd, 'rm -rf');
     });
   });
 

Original file line number	Diff line number	Diff line change
`@@ -116,7 +116,7 @@ export interface AuditLogEntry {`
`116`	`116`	`}`
`117`	`117`
`118`	`118`	`/** Constants */`
`119`		`-export const MAX_RECURSION_DEPTH = 5;`
	`119`	`+export const MAX_RECURSION_DEPTH = 10;`
`120`	`120`	`export const MAX_STRIP_ITERATIONS = 20;`
`121`	`121`
`122`	`122`	`export const NAME_PATTERN = /^[a-zA-Z][a-zA-Z0-9_-]{0,63}$/;`