asp/keep
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
0e68e5ff03b0012aed956c70909cea3820f9542e
keep/src/modes/get.rs
Andrew Phillips a3eb9e7056 fix: address critical memory safety, error handling, concurrency and security issues 
This commit fixes several critical issues across the codebase:
1. Memory safety & resource leaks: Added proper cleanup for compression engine processes using RAII patterns
2. Error handling: Replaced unsafe unwrap() calls with proper error propagation using ok_or_else()?
3. Concurrency issues: Improved diff mode thread safety with proper error handling and RAII guards
4. Security concerns: Added validation for item IDs to prevent path traversal vulnerabilities
5. Database design: Wrapped database operations in transactions for atomicity in save/update modes

Co-authored-by: aider (openai/andrew/openrouter/qwen/qwen3-coder) <aider@aider.chat>
2025-08-09 23:33:06 -03:00

55 lines
1.9 KiB
Rust
Raw Blame History

use anyhow::anyhow;
use crate::compression_engine::{CompressionType, get_compression_engine};
use clap::Command;
use std::path::PathBuf;
use std::str::FromStr;
pub fn mode_get(
cmd: &mut Command,
args: &crate::Args,
ids: &mut Vec<i64>,
tags: &mut Vec<String>,
conn: &mut rusqlite::Connection,
data_path: PathBuf,
) -> anyhow::Result<()> {
if !ids.is_empty() && !tags.is_empty() {
cmd.error(clap::error::ErrorKind::InvalidValue, "Both ID and tags given, you must supply exactly one ID or at least one tag when using --get").exit();
} else if ids.len() > 1 {
cmd.error(clap::error::ErrorKind::InvalidValue, "More than one ID given, you must supply exactly one ID or at least one tag when using --get").exit();
}
let mut meta: std::collections::HashMap<String, String> = std::collections::HashMap::new();
for item in args.item.meta.iter() {
let item = item.clone();
meta.insert(item.key, item.value);
}
let item_maybe = match tags.is_empty() && meta.is_empty() {
true => match ids.iter().next() {
Some(item_id) => crate::db::get_item(conn, *item_id)?,
None => crate::db::get_item_last(conn)?,
},
false => crate::db::get_item_matching(conn, tags, &meta)?,
};
if let Some(item) = item_maybe {
let item_id = item.id.ok_or_else(|| anyhow!("Item missing ID"))?;
// Validate that item ID is positive to prevent path traversal issues
if item_id <= 0 {
return Err(anyhow!("Invalid item ID: {}", item_id));
}
let mut item_path = data_path.clone();
item_path.push(item_id.to_string());
let compression_type = CompressionType::from_str(&item.compression)?;
let compression_engine = get_compression_engine(compression_type)?;
compression_engine.cat(item_path.clone())?;
Ok(())
} else {
Err(anyhow!("Unable to find matching item in database"))
}
}
Reference in New Issue View Git Blame Copy Permalink