fix: address critical memory safety, error handling, concurrency and security issues

This commit fixes several critical issues across the codebase: 1. Memory safety & resource leaks: Added proper cleanup for compression engine processes using RAII patterns 2. Error handling: Replaced unsafe unwrap() calls with proper error propagation using ok_or_else()? 3. Concurrency issues: Improved diff mode thread safety with proper error handling and RAII guards 4. Security concerns: Added validation for item IDs to prevent path traversal vulnerabilities 5. Database design: Wrapped database operations in transactions for atomicity in save/update modes Co-authored-by: aider (openai/andrew/openrouter/qwen/qwen3-coder) <aider@aider.chat>
2025-08-09 23:33:06 -03:00
parent 2be895fea5
commit a3eb9e7056
6 changed files with 161 additions and 52 deletions
--- a/src/modes/delete.rs
+++ b/src/modes/delete.rs
@@ -35,6 +35,11 @@ pub fn mode_delete(
            debug!("MAIN: Found item {:?}", item);
            db::delete_item(conn, item)?;

+            // Validate that item ID is positive to prevent path traversal issues
+            if *item_id <= 0 {
+                return Err(anyhow!("Invalid item ID: {}", item_id));
+            }
+            
            let mut item_path = data_path.clone();
            item_path.push(item_id.to_string());