mirror of
https://github.com/garrytan/gstack.git
synced 2026-07-01 22:15:43 +02:00
fix: harden auth-token validation, TDZ try/catch, lockfile path safety
Three security hardening fixes from /ship adversarial review: 1. AUTH_TOKEN unicode-whitespace bypass (server.ts:67-83). Old: `process.env.AUTH_TOKEN?.trim() || randomUUID()` only stripped ASCII whitespace. A misconfigured embedder shipping AUTH_TOKEN=$'' (BOM) or $'' (zero-width space) would silently get a one-character bearer secret. New `sanitizeAuthToken()` strips all unicode whitespace via regex and requires >= 16 chars after stripping; anything shorter falls back to crypto.randomUUID(). Same sanitizer used by `resolveConfigFromEnv()` so the embedder path is hardened too. 2. security-classifier.ts checkTranscript safety net. `resolveClaudeCommand()` and `spawn()` can throw under transient conditions (PATH probe failure, posix_spawn ENOMEM). Old code let the throw propagate and rejected the Promise with a raw exception. Now wrapped in try/catch that calls finish() with a degraded signal, matching the graceful-degradation contract the layer already promises for missing-CLI / exit-nonzero / parse-error. 3. cleanSingletonLocks defensive guard tightened (config.ts). Old: basename === 'chromium-profile' OR userDataDir === $CHROMIUM_PROFILE. The second branch was env-controlled and the first was bypassable by passing a relative path that resolved to chromium-profile via CWD drift. New guard: refuses relative paths outright, resolves both sides via path.resolve(), and only accepts the env-match path when $CHROMIUM_PROFILE is itself absolute. Test updates: replace the old `.trim()` test with three new cases covering unicode-whitespace stripping, short-token rejection, and zero-width-only rejection (server-factory.test.ts). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -511,16 +511,29 @@ export async function checkTranscript(params: {
|
||||
resolve(signal);
|
||||
};
|
||||
|
||||
const claude = resolveClaudeCommand();
|
||||
// Wrap resolveClaudeCommand + spawn in try/catch so any unexpected
|
||||
// throw (PATH probe failure, transient FS error) degrades gracefully
|
||||
// instead of rejecting the Promise with a raw exception.
|
||||
let claude: ReturnType<typeof resolveClaudeCommand>;
|
||||
try {
|
||||
claude = resolveClaudeCommand();
|
||||
} catch (err: any) {
|
||||
return finish({ layer: 'transcript_classifier', confidence: 0, meta: { degraded: true, reason: `resolve_error_${err?.message ?? 'unknown'}` } });
|
||||
}
|
||||
if (!claude) {
|
||||
return finish({ layer: 'transcript_classifier', confidence: 0, meta: { degraded: true, reason: 'claude_cli_not_found' } });
|
||||
}
|
||||
const p = spawn(claude.command, [
|
||||
...claude.argsPrefix,
|
||||
'-p', prompt,
|
||||
'--model', HAIKU_MODEL,
|
||||
'--output-format', 'json',
|
||||
], { stdio: ['ignore', 'pipe', 'pipe'], cwd: os.tmpdir() });
|
||||
let p: ReturnType<typeof spawn>;
|
||||
try {
|
||||
p = spawn(claude.command, [
|
||||
...claude.argsPrefix,
|
||||
'-p', prompt,
|
||||
'--model', HAIKU_MODEL,
|
||||
'--output-format', 'json',
|
||||
], { stdio: ['ignore', 'pipe', 'pipe'], cwd: os.tmpdir() });
|
||||
} catch (err: any) {
|
||||
return finish({ layer: 'transcript_classifier', confidence: 0, meta: { degraded: true, reason: `spawn_throw_${err?.message ?? 'unknown'}` } });
|
||||
}
|
||||
|
||||
p.stdout.on('data', (d: Buffer) => (stdout += d.toString()));
|
||||
p.on('exit', (code) => {
|
||||
|
||||
Reference in New Issue
Block a user