fix: harden agent writeback safety
This commit is contained in:
Yoilun
@@ -3,7 +3,9 @@ package server
|
||||
import (
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"io"
|
||||
"net/http"
|
||||
"os"
|
||||
"strings"
|
||||
|
||||
"codex-agent-manager/internal/agents"
|
||||
@@ -14,6 +16,8 @@ import (
|
||||
"codex-agent-manager/internal/workflow"
|
||||
)
|
||||
|
||||
const agentDraftBodyLimit = 1 << 20
|
||||
|
||||
func New(cfg app.Config) http.Handler {
|
||||
mux := http.NewServeMux()
|
||||
agentStore := agents.Store{CodexHome: cfg.CodexHome}
|
||||
@@ -129,8 +133,7 @@ func parseAgentActionPath(path string) (string, string, bool) {
|
||||
|
||||
func handleAgentValidate(w http.ResponseWriter, r *http.Request, store agents.Store, id string) {
|
||||
var body validateRequest
|
||||
if err := json.NewDecoder(r.Body).Decode(&body); err != nil {
|
||||
writeJSON(w, http.StatusBadRequest, map[string]string{"error": "请求体不是有效 JSON"})
|
||||
if !decodeAgentJSON(w, r, &body) {
|
||||
return
|
||||
}
|
||||
result, err := store.ValidateDraft(id, body.Content)
|
||||
@@ -143,8 +146,7 @@ func handleAgentValidate(w http.ResponseWriter, r *http.Request, store agents.St
|
||||
|
||||
func handleAgentWrite(w http.ResponseWriter, r *http.Request, store agents.Store, id string) {
|
||||
var body writeRequest
|
||||
if err := json.NewDecoder(r.Body).Decode(&body); err != nil {
|
||||
writeJSON(w, http.StatusBadRequest, map[string]string{"error": "请求体不是有效 JSON"})
|
||||
if !decodeAgentJSON(w, r, &body) {
|
||||
return
|
||||
}
|
||||
result, err := store.WriteDraft(id, body.Content, body.ExpectedHash)
|
||||
@@ -155,14 +157,53 @@ func handleAgentWrite(w http.ResponseWriter, r *http.Request, store agents.Store
|
||||
writeJSON(w, http.StatusOK, result)
|
||||
}
|
||||
|
||||
func decodeAgentJSON(w http.ResponseWriter, r *http.Request, dest any) bool {
|
||||
r.Body = http.MaxBytesReader(w, r.Body, agentDraftBodyLimit)
|
||||
decoder := json.NewDecoder(r.Body)
|
||||
if err := decoder.Decode(dest); err != nil {
|
||||
writeAgentDecodeError(w, err)
|
||||
return false
|
||||
}
|
||||
var extra any
|
||||
if err := decoder.Decode(&extra); err != io.EOF {
|
||||
if err != nil {
|
||||
writeAgentDecodeError(w, err)
|
||||
return false
|
||||
}
|
||||
writeJSON(w, http.StatusBadRequest, map[string]string{"error": "请求体不是有效 JSON"})
|
||||
return false
|
||||
}
|
||||
return true
|
||||
}
|
||||
|
||||
func writeAgentDecodeError(w http.ResponseWriter, err error) {
|
||||
var maxBytesErr *http.MaxBytesError
|
||||
if errors.As(err, &maxBytesErr) {
|
||||
writeJSON(w, http.StatusRequestEntityTooLarge, map[string]string{"error": "请求体过大"})
|
||||
return
|
||||
}
|
||||
writeJSON(w, http.StatusBadRequest, map[string]string{"error": "请求体不是有效 JSON"})
|
||||
}
|
||||
|
||||
func writeAgentError(w http.ResponseWriter, err error) {
|
||||
status := http.StatusBadRequest
|
||||
message := "写回失败"
|
||||
if errors.Is(err, agents.ErrWriteConflict) {
|
||||
status = http.StatusConflict
|
||||
message = "内容已变化,请重新校验"
|
||||
} else if errors.Is(err, codexhome.ErrForbiddenPath) || errors.Is(err, codexhome.ErrOutsideCodexHome) {
|
||||
status = http.StatusForbidden
|
||||
message = "路径不安全"
|
||||
} else if os.IsNotExist(err) {
|
||||
status = http.StatusNotFound
|
||||
message = "目标智能体不存在"
|
||||
} else if strings.Contains(err.Error(), "第 ") ||
|
||||
strings.Contains(err.Error(), "TOML") ||
|
||||
strings.Contains(err.Error(), "字符串字段") ||
|
||||
strings.Contains(err.Error(), "仅支持字符串字段") {
|
||||
message = "TOML 无效:" + err.Error()
|
||||
}
|
||||
writeJSON(w, status, map[string]string{"error": err.Error()})
|
||||
writeJSON(w, status, map[string]string{"error": message})
|
||||
}
|
||||
|
||||
func writeJSON(w http.ResponseWriter, status int, body any) {
|
||||
|
||||
@@ -250,6 +250,69 @@ func TestAgentValidateEndpointReturnsBadRequestForInvalidBody(t *testing.T) {
|
||||
}
|
||||
}
|
||||
|
||||
func TestAgentValidateEndpointRejectsOversizeBody(t *testing.T) {
|
||||
root := t.TempDir()
|
||||
agentsDir := filepath.Join(root, "agents")
|
||||
if err := os.MkdirAll(agentsDir, 0o755); err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
if err := os.WriteFile(filepath.Join(agentsDir, "backend.toml"), []byte(`name = "旧名称"`+"\n"), 0o644); err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
body := `{"content":"` + strings.Repeat("a", 1024*1024+1) + `"}`
|
||||
|
||||
req := httptest.NewRequest(http.MethodPost, "/api/agents/backend/validate", bytes.NewBufferString(body))
|
||||
rec := httptest.NewRecorder()
|
||||
New(app.Config{CodexHome: root, HTTPAddr: "127.0.0.1:0"}).ServeHTTP(rec, req)
|
||||
|
||||
if rec.Code != http.StatusRequestEntityTooLarge {
|
||||
t.Fatalf("status = %d, want %d, body = %s", rec.Code, http.StatusRequestEntityTooLarge, rec.Body.String())
|
||||
}
|
||||
if !strings.Contains(rec.Body.String(), "请求体过大") {
|
||||
t.Fatalf("expected Chinese oversize error, got %s", rec.Body.String())
|
||||
}
|
||||
}
|
||||
|
||||
func TestAgentValidateEndpointRejectsTrailingJSON(t *testing.T) {
|
||||
root := t.TempDir()
|
||||
agentsDir := filepath.Join(root, "agents")
|
||||
if err := os.MkdirAll(agentsDir, 0o755); err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
if err := os.WriteFile(filepath.Join(agentsDir, "backend.toml"), []byte(`name = "旧名称"`+"\n"), 0o644); err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
|
||||
req := httptest.NewRequest(http.MethodPost, "/api/agents/backend/validate", bytes.NewBufferString(`{"content":"name = \"新名称\"\n"} {}`))
|
||||
rec := httptest.NewRecorder()
|
||||
New(app.Config{CodexHome: root, HTTPAddr: "127.0.0.1:0"}).ServeHTTP(rec, req)
|
||||
|
||||
if rec.Code != http.StatusBadRequest {
|
||||
t.Fatalf("status = %d, want %d, body = %s", rec.Code, http.StatusBadRequest, rec.Body.String())
|
||||
}
|
||||
if !strings.Contains(rec.Body.String(), "请求体不是有效 JSON") {
|
||||
t.Fatalf("expected Chinese invalid JSON error, got %s", rec.Body.String())
|
||||
}
|
||||
}
|
||||
|
||||
func TestAgentWritebackErrorsAreSanitized(t *testing.T) {
|
||||
root := t.TempDir()
|
||||
if err := os.MkdirAll(filepath.Join(root, "agents"), 0o755); err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
|
||||
req := httptest.NewRequest(http.MethodPost, "/api/agents/missing/validate", bytes.NewBufferString(`{"content":"name = \"新名称\"\n"}`))
|
||||
rec := httptest.NewRecorder()
|
||||
New(app.Config{CodexHome: root, HTTPAddr: "127.0.0.1:0"}).ServeHTTP(rec, req)
|
||||
|
||||
if rec.Code != http.StatusNotFound {
|
||||
t.Fatalf("status = %d, want %d, body = %s", rec.Code, http.StatusNotFound, rec.Body.String())
|
||||
}
|
||||
if strings.Contains(rec.Body.String(), root) || strings.Contains(rec.Body.String(), "no such file") || !strings.Contains(rec.Body.String(), "目标智能体不存在") {
|
||||
t.Fatalf("error leaked path or raw OS text: %s", rec.Body.String())
|
||||
}
|
||||
}
|
||||
|
||||
func TestAgentWriteEndpointCreatesBackupAndRejectsConflicts(t *testing.T) {
|
||||
root := t.TempDir()
|
||||
agentsDir := filepath.Join(root, "agents")
|
||||
|
||||
Reference in New Issue
Block a user