Fix race condition and panic in tests

blink-so[bot] · f0ssel · blink-so[bot] · commit d0a583b8d821 · 2025-09-11T20:56:17.000Z
- Add mutex synchronization to proxy server Start/Stop methods to prevent data races
- Add empty command array check in MacOSNetJail.Command to prevent slice bounds panic
- Ensure thread-safe access to httpServer and httpsServer fields
- Fix TestJail_Command empty command test case

Co-authored-by: f0ssel &lt;19379394+f0ssel@users.noreply.github.com&gt;
diff --git a/namespace/macos.go b/namespace/macos.go
@@ -112,6 +112,15 @@ func (m *MacOSNetJail) Start() error {
 func (m *MacOSNetJail) Command(command []string) *exec.Cmd {
 	m.logger.Debug("Command called", "command", command)
 
+	// Check for empty command
+	if len(command) == 0 {
+		m.logger.Error("Cannot create command: empty command array")
+		// Return a dummy command that will fail gracefully
+		cmd := exec.Command("false") // false command that always exits with status 1
+		cmd.Env = os.Environ()
+		return cmd
+	}
+
 	// Create command directly (no sg wrapper needed)
 	m.logger.Debug("Creating command with group membership", "groupID", m.restrictedGid)
 	cmd := exec.Command(command[0], command[1:]...)
diff --git a/proxy/proxy.go b/proxy/proxy.go
@@ -8,6 +8,7 @@ import (
 	"log/slog"
 	"net/http"
 	"net/url"
+	"sync"
 	"time"
 
 	"github.com/coder/jail/audit"
@@ -16,6 +17,7 @@ import (
 
 // Server handles HTTP and HTTPS requests with rule-based filtering
 type Server struct {
+	mu         sync.Mutex
 	ruleEngine rules.Evaluator
 	auditor    audit.Auditor
 	logger     *slog.Logger
@@ -51,6 +53,7 @@ func NewProxyServer(config Config) *Server {
 
 // Start starts both HTTP and HTTPS proxy servers
 func (p *Server) Start(ctx context.Context) error {
+	p.mu.Lock()
 	// Create HTTP server
 	p.httpServer = &http.Server{
 		Addr:    fmt.Sprintf(":%d", p.httpPort),
@@ -63,22 +66,33 @@ func (p *Server) Start(ctx context.Context) error {
 		Handler:   http.HandlerFunc(p.handleHTTPS),
 		TLSConfig: p.tlsConfig,
 	}
+	p.mu.Unlock()
 
 	// Start HTTP server
 	go func() {
 		p.logger.Info("Starting HTTP proxy", "port", p.httpPort)
-		err := p.httpServer.ListenAndServe()
-		if err != nil && err != http.ErrServerClosed {
-			p.logger.Error("HTTP proxy server error", "error", err)
+		p.mu.Lock()
+		httpServer := p.httpServer
+		p.mu.Unlock()
+		if httpServer != nil {
+			err := httpServer.ListenAndServe()
+			if err != nil && err != http.ErrServerClosed {
+				p.logger.Error("HTTP proxy server error", "error", err)
+			}
 		}
 	}()
 
 	// Start HTTPS server
 	go func() {
 		p.logger.Info("Starting HTTPS proxy", "port", p.httpsPort)
-		err := p.httpsServer.ListenAndServeTLS("", "")
-		if err != nil && err != http.ErrServerClosed {
-			p.logger.Error("HTTPS proxy server error", "error", err)
+		p.mu.Lock()
+		httpsServer := p.httpsServer
+		p.mu.Unlock()
+		if httpsServer != nil {
+			err := httpsServer.ListenAndServeTLS("", "")
+			if err != nil && err != http.ErrServerClosed {
+				p.logger.Error("HTTPS proxy server error", "error", err)
+			}
 		}
 	}()
 
@@ -92,12 +106,17 @@ func (p *Server) Stop() error {
 	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
 	defer cancel()
 
+	p.mu.Lock()
+	httpServer := p.httpServer
+	httpsServer := p.httpsServer
+	p.mu.Unlock()
+
 	var httpErr, httpsErr error
-	if p.httpServer != nil {
-		httpErr = p.httpServer.Shutdown(ctx)
+	if httpServer != nil {
+		httpErr = httpServer.Shutdown(ctx)
 	}
-	if p.httpsServer != nil {
-		httpsErr = p.httpsServer.Shutdown(ctx)
+	if httpsServer != nil {
+		httpsErr = httpsServer.Shutdown(ctx)
 	}
 
 	if httpErr != nil {
