Merge pull request #2911 from abertelrud/eng/68374424-invoke-commands-from-fixed-locations

SwiftPM should be more resilient against random binaries named `xcrun` and `sandbox-exec` in the PATH.

Author: abertelrud

Sources/PackageLoading/ManifestLoader.swift

@@ -741,7 +741,7 @@ public final class ManifestLoader: ManifestLoaderProtocol {
                         moduleCachePath.map({ AbsolutePath($0) })
                     ].compactMap({ $0 })
                     let profile = sandboxProfile(toolsVersion: toolsVersion, cacheDirectories: cacheDirectories)
-                    cmd = ["sandbox-exec", "-p", profile] + cmd
+                    cmd = ["/usr/bin/sandbox-exec", "-p", profile] + cmd
                 }
               #endif
 

Sources/PackageLoading/MinimumDeploymentTarget.swift

@@ -25,7 +25,7 @@ public struct MinimumDeploymentTarget {
     }
 
     static func computeMinimumDeploymentTarget(of binaryPath: AbsolutePath) throws -> PlatformVersion? {
-        let runResult = try Process.popen(arguments: ["xcrun", "vtool", "-show-build", binaryPath.pathString])
+        let runResult = try Process.popen(arguments: ["/usr/bin/xcrun", "vtool", "-show-build", binaryPath.pathString])
         guard let versionString = try runResult.utf8Output().components(separatedBy: "\n").first(where: { $0.contains("minos") })?.components(separatedBy: " ").last else { return nil }
         return PlatformVersion(versionString)
     }
@@ -45,7 +45,7 @@ public struct MinimumDeploymentTarget {
         // On macOS, we are determining the deployment target by looking at the XCTest binary.
         #if os(macOS)
         do {
-            let runResult = try Process.popen(arguments: ["xcrun", "--sdk", sdkName, "--show-sdk-platform-path"])
+            let runResult = try Process.popen(arguments: ["/usr/bin/xcrun", "--sdk", sdkName, "--show-sdk-platform-path"])
 
             if let version = try computeXCTestMinimumDeploymentTarget(with: runResult) {
                 return version

Tests/CommandsTests/PackageToolTests.swift

@@ -754,4 +754,36 @@ final class PackageToolTests: XCTestCase {
             }
         }
     }
+    
+    func testPackageLoadingCommandPathResilience() throws {
+      #if os(macOS)
+        fixture(name: "ValidLayouts/SingleModule") { prefix in
+            mktmpdir { tmpdir in
+                // Create fake `xcrun` and `sandbox-exec` commands.
+                let fakeBinDir = tmpdir
+                for fakeCmdName in ["xcrun", "sandbox-exec"] {
+                    let fakeCmdPath = fakeBinDir.appending(component: fakeCmdName)
+                    try localFileSystem.writeFileContents(fakeCmdPath, body: { stream in
+                        stream <<< """
+                        #!/bin/sh
+                        echo "wrong \(fakeCmdName) invoked"
+                        exit 1
+                        """
+                    })
+                    try localFileSystem.chmod(.executable, path: fakeCmdPath)
+                }
+                
+                // Invoke `swift-package`, passing in the overriding `PATH` environment variable.
+                let packageRoot = prefix.appending(component: "Library")
+                let patchedPATH = fakeBinDir.pathString + ":" + ProcessInfo.processInfo.environment["PATH"]!
+                let result = try SwiftPMProduct.SwiftPackage.executeProcess(["dump-package"], packagePath: packageRoot, env: ["PATH": patchedPATH])
+                let textOutput = try result.utf8Output() + result.utf8stderrOutput()
+                
+                // Check that the wrong tools weren't invoked.  We can't just check the exit code because of fallbacks.
+                XCTAssertNoMatch(textOutput, .contains("wrong xcrun invoked"))
+                XCTAssertNoMatch(textOutput, .contains("wrong sandbox-exec invoked"))
+            }
+        }
+      #endif
+    }
 }