Protect stdout and stderr so JavaScript code can't accidentally write to stdout corrupting ink rendering (#13247)

Bypassing rules as link checker failure is spurious.

packages/cli/src/utils/cleanup.ts

@@ -9,12 +9,29 @@ import { join } from 'node:path';
 import { Storage } from '@google/gemini-cli-core';
 
 const cleanupFunctions: Array<(() => void) | (() => Promise<void>)> = [];
+const syncCleanupFunctions: Array<() => void> = [];
 
 export function registerCleanup(fn: (() => void) | (() => Promise<void>)) {
   cleanupFunctions.push(fn);
 }
 
+export function registerSyncCleanup(fn: () => void) {
+  syncCleanupFunctions.push(fn);
+}
+
+export function runSyncCleanup() {
+  for (const fn of syncCleanupFunctions) {
+    try {
+      fn();
+    } catch (_) {
+      // Ignore errors during cleanup.
+    }
+  }
+  syncCleanupFunctions.length = 0;
+}
+
 export async function runExitCleanup() {
+  runSyncCleanup();
   for (const fn of cleanupFunctions) {
     try {
       await fn();

packages/cli/src/utils/errors.ts

@@ -17,6 +17,7 @@ import {
   FatalToolExecutionError,
   isFatalToolError,
 } from '@google/gemini-cli-core';
+import { runSyncCleanup } from './cleanup.js';
 
 export function getErrorMessage(error: unknown): string {
   if (error instanceof Error) {
@@ -90,6 +91,7 @@ export function handleError(
       stats: streamFormatter.convertToStreamStats(metrics, 0),
     });
 
+    runSyncCleanup();
     process.exit(getNumericExitCode(errorCode));
   } else if (config.getOutputFormat() === OutputFormat.JSON) {
     const formatter = new JsonFormatter();
@@ -101,6 +103,7 @@ export function handleError(
     );
 
     console.error(formattedError);
+    runSyncCleanup();
     process.exit(getNumericExitCode(errorCode));
   } else {
     console.error(errorMessage);
@@ -154,6 +157,7 @@ export function handleToolError(
     } else {
       console.error(errorMessage);
     }
+    runSyncCleanup();
     process.exit(toolExecutionError.exitCode);
   }
 
@@ -180,6 +184,7 @@ export function handleCancellationError(config: Config): never {
       },
       stats: streamFormatter.convertToStreamStats(metrics, 0),
     });
+    runSyncCleanup();
     process.exit(cancellationError.exitCode);
   } else if (config.getOutputFormat() === OutputFormat.JSON) {
     const formatter = new JsonFormatter();
@@ -189,9 +194,11 @@ export function handleCancellationError(config: Config): never {
     );
 
     console.error(formattedError);
+    runSyncCleanup();
     process.exit(cancellationError.exitCode);
   } else {
     console.error(cancellationError.message);
+    runSyncCleanup();
     process.exit(cancellationError.exitCode);
   }
 }
@@ -217,6 +224,7 @@ export function handleMaxTurnsExceededError(config: Config): never {
       },
       stats: streamFormatter.convertToStreamStats(metrics, 0),
     });
+    runSyncCleanup();
     process.exit(maxTurnsError.exitCode);
   } else if (config.getOutputFormat() === OutputFormat.JSON) {
     const formatter = new JsonFormatter();
@@ -226,9 +234,11 @@ export function handleMaxTurnsExceededError(config: Config): never {
     );
 
     console.error(formattedError);
+    runSyncCleanup();
     process.exit(maxTurnsError.exitCode);
   } else {
     console.error(maxTurnsError.message);
+    runSyncCleanup();
     process.exit(maxTurnsError.exitCode);
   }
 }

packages/cli/src/utils/events.ts

@@ -9,7 +9,6 @@ import { EventEmitter } from 'node:events';
 
 export enum AppEvent {
   OpenDebugConsole = 'open-debug-console',
-  LogError = 'log-error',
   OauthDisplayMessage = 'oauth-display-message',
   Flicker = 'flicker',
   McpClientUpdate = 'mcp-client-update',
@@ -19,7 +18,6 @@ export enum AppEvent {
 
 export interface AppEvents extends ExtensionEvents {
   [AppEvent.OpenDebugConsole]: never[];
-  [AppEvent.LogError]: string[];
   [AppEvent.OauthDisplayMessage]: string[];
   [AppEvent.Flicker]: never[];
   [AppEvent.McpClientUpdate]: Array<Map<string, McpClient> | never>;

packages/cli/src/utils/installationInfo.test.ts

@@ -11,15 +11,14 @@ import * as path from 'node:path';
 import * as childProcess from 'node:child_process';
 import { isGitRepository, debugLogger } from '@google/gemini-cli-core';
 
-vi.mock('@google/gemini-cli-core', () => ({
-  isGitRepository: vi.fn(),
-  debugLogger: {
-    log: vi.fn(),
-    warn: vi.fn(),
-    error: vi.fn(),
-    debug: vi.fn(),
-  },
-}));
+vi.mock('@google/gemini-cli-core', async (importOriginal) => {
+  const actual =
+    await importOriginal<typeof import('@google/gemini-cli-core')>();
+  return {
+    ...actual,
+    isGitRepository: vi.fn(),
+  };
+});
 
 vi.mock('fs', async (importOriginal) => {
   const actualFs = await importOriginal<typeof fs>();
@@ -52,6 +51,7 @@ describe('getInstallationInfo', () => {
     originalArgv = [...process.argv];
     // Mock process.cwd() for isGitRepository
     vi.spyOn(process, 'cwd').mockReturnValue(projectRoot);
+    vi.spyOn(debugLogger, 'log').mockImplementation(() => {});
   });
 
   afterEach(() => {

packages/cli/src/utils/sessionCleanup.test.ts

@@ -7,7 +7,11 @@
 import { describe, it, expect, vi, beforeEach, afterEach } from 'vitest';
 import * as fs from 'node:fs/promises';
 import * as path from 'node:path';
-import { SESSION_FILE_PREFIX, type Config } from '@google/gemini-cli-core';
+import {
+  SESSION_FILE_PREFIX,
+  type Config,
+  debugLogger,
+} from '@google/gemini-cli-core';
 import type { Settings } from '../config/settings.js';
 import { cleanupExpiredSessions } from './sessionCleanup.js';
 import { type SessionInfo, getAllSessionFiles } from './sessionUtils.js';
@@ -389,7 +393,9 @@ describe('Session Cleanup', () => {
       );
       mockFs.unlink.mockResolvedValue(undefined);
 
-      const debugSpy = vi.spyOn(console, 'debug').mockImplementation(() => {});
+      const debugSpy = vi
+        .spyOn(debugLogger, 'debug')
+        .mockImplementation(() => {});
 
       await cleanupExpiredSessions(config, settings);
 

packages/cli/src/utils/stdio.test.ts

@@ -0,0 +1,68 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import { describe, it, expect, vi, beforeEach, afterEach } from 'vitest';
+import { patchStdio, createInkStdio } from './stdio.js';
+import { coreEvents } from '@google/gemini-cli-core';
+
+vi.mock('@google/gemini-cli-core', () => ({
+  coreEvents: {
+    emitOutput: vi.fn(),
+  },
+}));
+
+describe('stdio utils', () => {
+  let originalStdoutWrite: typeof process.stdout.write;
+  let originalStderrWrite: typeof process.stderr.write;
+
+  beforeEach(() => {
+    originalStdoutWrite = process.stdout.write;
+    originalStderrWrite = process.stderr.write;
+  });
+
+  afterEach(() => {
+    process.stdout.write = originalStdoutWrite;
+    process.stderr.write = originalStderrWrite;
+    vi.restoreAllMocks();
+  });
+
+  it('patchStdio redirects stdout and stderr to coreEvents', () => {
+    const cleanup = patchStdio();
+
+    process.stdout.write('test stdout');
+    expect(coreEvents.emitOutput).toHaveBeenCalledWith(
+      false,
+      'test stdout',
+      undefined,
+    );
+
+    process.stderr.write('test stderr');
+    expect(coreEvents.emitOutput).toHaveBeenCalledWith(
+      true,
+      'test stderr',
+      undefined,
+    );
+
+    cleanup();
+
+    // Verify cleanup
+    expect(process.stdout.write).toBe(originalStdoutWrite);
+    expect(process.stderr.write).toBe(originalStderrWrite);
+  });
+
+  it('createInkStdio writes to real stdout/stderr bypassing patch', () => {
+    const cleanup = patchStdio();
+    const { stdout: inkStdout, stderr: inkStderr } = createInkStdio();
+
+    inkStdout.write('ink stdout');
+    expect(coreEvents.emitOutput).not.toHaveBeenCalled();
+
+    inkStderr.write('ink stderr');
+    expect(coreEvents.emitOutput).not.toHaveBeenCalled();
+
+    cleanup();
+  });
+});

packages/cli/src/utils/stdio.ts

@@ -0,0 +1,113 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import { coreEvents } from '@google/gemini-cli-core';
+
+// Capture the original stdout and stderr write methods before any monkey patching occurs.
+const originalStdoutWrite = process.stdout.write.bind(process.stdout);
+const originalStderrWrite = process.stderr.write.bind(process.stderr);
+
+/**
+ * Writes to the real stdout, bypassing any monkey patching on process.stdout.write.
+ */
+export function writeToStdout(
+  ...args: Parameters<typeof process.stdout.write>
+): boolean {
+  return originalStdoutWrite(...args);
+}
+
+/**
+ * Writes to the real stderr, bypassing any monkey patching on process.stderr.write.
+ */
+export function writeToStderr(
+  ...args: Parameters<typeof process.stderr.write>
+): boolean {
+  return originalStderrWrite(...args);
+}
+
+/**
+ * Monkey patches process.stdout.write and process.stderr.write to redirect output to the provided logger.
+ * This prevents stray output from libraries (or the app itself) from corrupting the UI.
+ * Returns a cleanup function that restores the original write methods.
+ */
+export function patchStdio(): () => void {
+  const previousStdoutWrite = process.stdout.write;
+  const previousStderrWrite = process.stderr.write;
+
+  process.stdout.write = (
+    chunk: Uint8Array | string,
+    encodingOrCb?:
+      | BufferEncoding
+      | ((err?: NodeJS.ErrnoException | null) => void),
+    cb?: (err?: NodeJS.ErrnoException | null) => void,
+  ) => {
+    const encoding =
+      typeof encodingOrCb === 'string' ? encodingOrCb : undefined;
+    coreEvents.emitOutput(false, chunk, encoding);
+    const callback = typeof encodingOrCb === 'function' ? encodingOrCb : cb;
+    if (callback) {
+      callback();
+    }
+    return true;
+  };
+
+  process.stderr.write = (
+    chunk: Uint8Array | string,
+    encodingOrCb?:
+      | BufferEncoding
+      | ((err?: NodeJS.ErrnoException | null) => void),
+    cb?: (err?: NodeJS.ErrnoException | null) => void,
+  ) => {
+    const encoding =
+      typeof encodingOrCb === 'string' ? encodingOrCb : undefined;
+    coreEvents.emitOutput(true, chunk, encoding);
+    const callback = typeof encodingOrCb === 'function' ? encodingOrCb : cb;
+    if (callback) {
+      callback();
+    }
+    return true;
+  };
+
+  return () => {
+    process.stdout.write = previousStdoutWrite;
+    process.stderr.write = previousStderrWrite;
+  };
+}
+
+/**
+ * Creates proxies for process.stdout and process.stderr that use the real write methods
+ * (writeToStdout and writeToStderr) bypassing any monkey patching.
+ * This is used by Ink to render to the real output.
+ */
+export function createInkStdio() {
+  const inkStdout = new Proxy(process.stdout, {
+    get(target, prop, receiver) {
+      if (prop === 'write') {
+        return writeToStdout;
+      }
+      const value = Reflect.get(target, prop, receiver);
+      if (typeof value === 'function') {
+        return value.bind(target);
+      }
+      return value;
+    },
+  });
+
+  const inkStderr = new Proxy(process.stderr, {
+    get(target, prop, receiver) {
+      if (prop === 'write') {
+        return writeToStderr;
+      }
+      const value = Reflect.get(target, prop, receiver);
+      if (typeof value === 'function') {
+        return value.bind(target);
+      }
+      return value;
+    },
+  });
+
+  return { stdout: inkStdout, stderr: inkStderr };
+}