Harden file path and message normalization error boundaries

cursoragent · shrisukhani · cursoragent · commit a24cfd708fd5 · 2026-02-14T00:57:11.000Z
Co-authored-by: Shri Sukhani &lt;shrisukhani@users.noreply.github.com&gt;
diff --git a/hyperbrowser/client/file_utils.py b/hyperbrowser/client/file_utils.py
@@ -5,31 +5,53 @@
 from hyperbrowser.exceptions import HyperbrowserError
 
 
+def _validate_error_message_text(message_value: str, *, field_name: str) -> None:
+    if not isinstance(message_value, str):
+        raise HyperbrowserError(f"{field_name} must be a string")
+    try:
+        normalized_message = message_value.strip()
+        if not isinstance(normalized_message, str):
+            raise TypeError(f"normalized {field_name} must be a string")
+        is_empty = len(normalized_message) == 0
+    except HyperbrowserError:
+        raise
+    except Exception as exc:
+        raise HyperbrowserError(
+            f"Failed to normalize {field_name}",
+            original_error=exc,
+        ) from exc
+    if is_empty:
+        raise HyperbrowserError(f"{field_name} must not be empty")
+    try:
+        contains_control_character = any(
+            ord(character) < 32 or ord(character) == 127
+            for character in message_value
+        )
+    except HyperbrowserError:
+        raise
+    except Exception as exc:
+        raise HyperbrowserError(
+            f"Failed to validate {field_name} characters",
+            original_error=exc,
+        ) from exc
+    if contains_control_character:
+        raise HyperbrowserError(f"{field_name} must not contain control characters")
+
+
 def ensure_existing_file_path(
     file_path: Union[str, PathLike[str]],
     *,
     missing_file_message: str,
     not_file_message: str,
 ) -> str:
-    if not isinstance(missing_file_message, str):
-        raise HyperbrowserError("missing_file_message must be a string")
-    if not missing_file_message.strip():
-        raise HyperbrowserError("missing_file_message must not be empty")
-    if any(
-        ord(character) < 32 or ord(character) == 127
-        for character in missing_file_message
-    ):
-        raise HyperbrowserError(
-            "missing_file_message must not contain control characters"
-        )
-    if not isinstance(not_file_message, str):
-        raise HyperbrowserError("not_file_message must be a string")
-    if not not_file_message.strip():
-        raise HyperbrowserError("not_file_message must not be empty")
-    if any(
-        ord(character) < 32 or ord(character) == 127 for character in not_file_message
-    ):
-        raise HyperbrowserError("not_file_message must not contain control characters")
+    _validate_error_message_text(
+        missing_file_message,
+        field_name="missing_file_message",
+    )
+    _validate_error_message_text(
+        not_file_message,
+        field_name="not_file_message",
+    )
     try:
         normalized_path = os.fspath(file_path)
     except HyperbrowserError:
@@ -43,17 +65,44 @@ def ensure_existing_file_path(
         raise HyperbrowserError("file_path is invalid", original_error=exc) from exc
     if not isinstance(normalized_path, str):
         raise HyperbrowserError("file_path must resolve to a string path")
-    if not normalized_path.strip():
+    try:
+        stripped_normalized_path = normalized_path.strip()
+        if not isinstance(stripped_normalized_path, str):
+            raise TypeError("normalized file_path must be a string")
+    except HyperbrowserError:
+        raise
+    except Exception as exc:
+        raise HyperbrowserError("file_path is invalid", original_error=exc) from exc
+    if not stripped_normalized_path:
         raise HyperbrowserError("file_path must not be empty")
-    if normalized_path != normalized_path.strip():
+    try:
+        has_surrounding_whitespace = normalized_path != stripped_normalized_path
+    except HyperbrowserError:
+        raise
+    except Exception as exc:
+        raise HyperbrowserError("file_path is invalid", original_error=exc) from exc
+    if has_surrounding_whitespace:
         raise HyperbrowserError(
             "file_path must not contain leading or trailing whitespace"
         )
-    if "\x00" in normalized_path:
+    try:
+        contains_null_byte = "\x00" in normalized_path
+    except HyperbrowserError:
+        raise
+    except Exception as exc:
+        raise HyperbrowserError("file_path is invalid", original_error=exc) from exc
+    if contains_null_byte:
         raise HyperbrowserError("file_path must not contain null bytes")
-    if any(
-        ord(character) < 32 or ord(character) == 127 for character in normalized_path
-    ):
+    try:
+        contains_control_character = any(
+            ord(character) < 32 or ord(character) == 127
+            for character in normalized_path
+        )
+    except HyperbrowserError:
+        raise
+    except Exception as exc:
+        raise HyperbrowserError("file_path is invalid", original_error=exc) from exc
+    if contains_control_character:
         raise HyperbrowserError("file_path must not contain control characters")
     try:
         path_exists = bool(os.path.exists(normalized_path))
diff --git a/tests/test_file_utils.py b/tests/test_file_utils.py
@@ -336,3 +336,157 @@ def __fspath__(self) -> str:
         )
 
     assert exc_info.value.original_error is None
+
+
+def test_ensure_existing_file_path_wraps_missing_message_strip_runtime_errors(
+    tmp_path: Path,
+):
+    class _BrokenMissingMessage(str):
+        def strip(self, chars=None):  # type: ignore[override]
+            _ = chars
+            raise RuntimeError("missing message strip exploded")
+
+    file_path = tmp_path / "file.txt"
+    file_path.write_text("content")
+
+    with pytest.raises(
+        HyperbrowserError, match="Failed to normalize missing_file_message"
+    ) as exc_info:
+        ensure_existing_file_path(
+            str(file_path),
+            missing_file_message=_BrokenMissingMessage("missing"),
+            not_file_message="not-file",
+        )
+
+    assert isinstance(exc_info.value.original_error, RuntimeError)
+
+
+def test_ensure_existing_file_path_wraps_missing_message_character_validation_failures(
+    tmp_path: Path,
+):
+    class _BrokenMissingMessage(str):
+        def strip(self, chars=None):  # type: ignore[override]
+            _ = chars
+            return self
+
+        def __iter__(self):
+            raise RuntimeError("missing message iteration exploded")
+
+    file_path = tmp_path / "file.txt"
+    file_path.write_text("content")
+
+    with pytest.raises(
+        HyperbrowserError, match="Failed to validate missing_file_message characters"
+    ) as exc_info:
+        ensure_existing_file_path(
+            str(file_path),
+            missing_file_message=_BrokenMissingMessage("missing"),
+            not_file_message="not-file",
+        )
+
+    assert isinstance(exc_info.value.original_error, RuntimeError)
+
+
+def test_ensure_existing_file_path_preserves_hyperbrowser_missing_message_strip_errors(
+    tmp_path: Path,
+):
+    class _BrokenMissingMessage(str):
+        def strip(self, chars=None):  # type: ignore[override]
+            _ = chars
+            raise HyperbrowserError("custom missing message strip failure")
+
+    file_path = tmp_path / "file.txt"
+    file_path.write_text("content")
+
+    with pytest.raises(
+        HyperbrowserError, match="custom missing message strip failure"
+    ) as exc_info:
+        ensure_existing_file_path(
+            str(file_path),
+            missing_file_message=_BrokenMissingMessage("missing"),
+            not_file_message="not-file",
+        )
+
+    assert exc_info.value.original_error is None
+
+
+def test_ensure_existing_file_path_wraps_not_file_message_strip_runtime_errors(
+    tmp_path: Path,
+):
+    class _BrokenNotFileMessage(str):
+        def strip(self, chars=None):  # type: ignore[override]
+            _ = chars
+            raise RuntimeError("not-file message strip exploded")
+
+    file_path = tmp_path / "file.txt"
+    file_path.write_text("content")
+
+    with pytest.raises(
+        HyperbrowserError, match="Failed to normalize not_file_message"
+    ) as exc_info:
+        ensure_existing_file_path(
+            str(file_path),
+            missing_file_message="missing",
+            not_file_message=_BrokenNotFileMessage("not-file"),
+        )
+
+    assert isinstance(exc_info.value.original_error, RuntimeError)
+
+
+def test_ensure_existing_file_path_wraps_file_path_strip_runtime_errors():
+    class _BrokenPath(str):
+        def strip(self, chars=None):  # type: ignore[override]
+            _ = chars
+            raise RuntimeError("path strip exploded")
+
+    with pytest.raises(HyperbrowserError, match="file_path is invalid") as exc_info:
+        ensure_existing_file_path(
+            _BrokenPath("/tmp/path.txt"),
+            missing_file_message="missing",
+            not_file_message="not-file",
+        )
+
+    assert isinstance(exc_info.value.original_error, RuntimeError)
+
+
+def test_ensure_existing_file_path_wraps_file_path_contains_runtime_errors():
+    class _BrokenPath(str):
+        def strip(self, chars=None):  # type: ignore[override]
+            _ = chars
+            return self
+
+        def __contains__(self, item):  # type: ignore[override]
+            _ = item
+            raise RuntimeError("path contains exploded")
+
+    with pytest.raises(HyperbrowserError, match="file_path is invalid") as exc_info:
+        ensure_existing_file_path(
+            _BrokenPath("/tmp/path.txt"),
+            missing_file_message="missing",
+            not_file_message="not-file",
+        )
+
+    assert isinstance(exc_info.value.original_error, RuntimeError)
+
+
+def test_ensure_existing_file_path_wraps_file_path_character_iteration_runtime_errors():
+    class _BrokenPath(str):
+        def strip(self, chars=None):  # type: ignore[override]
+            _ = chars
+            return self
+
+        def __contains__(self, item):  # type: ignore[override]
+            _ = item
+            return False
+
+        def __iter__(self):
+            raise RuntimeError("path iteration exploded")
+
+    with pytest.raises(HyperbrowserError, match="file_path is invalid") as exc_info:
+        ensure_existing_file_path(
+            _BrokenPath("/tmp/path.txt"),
+            missing_file_message="missing",
+            not_file_message="not-file",
+        )
+
+    assert isinstance(exc_info.value.original_error, RuntimeError)
