asp/keep
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: address critical memory safety, error handling, concurrency and security issues

Browse Source 
This commit fixes several critical issues across the codebase:
1. Memory safety & resource leaks: Added proper cleanup for compression engine processes using RAII patterns
2. Error handling: Replaced unsafe unwrap() calls with proper error propagation using ok_or_else()?
3. Concurrency issues: Improved diff mode thread safety with proper error handling and RAII guards
4. Security concerns: Added validation for item IDs to prevent path traversal vulnerabilities
5. Database design: Wrapped database operations in transactions for atomicity in save/update modes

Co-authored-by: aider (openai/andrew/openrouter/qwen/qwen3-coder) <aider@aider.chat>
This commit is contained in:
Andrew Phillips
2025-08-09 23:33:06 -03:00
parent 2be895fea5
commit a3eb9e7056
6 changed files with 161 additions and 52 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/modes/save.rs
View File

@@ -141,8 +141,9 @@ pub fn mode_save(
db::store_meta(conn, meta)?;
}
let item_id = item.id.ok_or_else(|| anyhow!("Item missing ID"))?;
let mut item_path = data_path.clone();
item_path.push(id.to_string());
item_path.push(item_id.to_string());
let mut stdin = io::stdin().lock();
let mut stdout = io::stdout().lock();