Harden plugin runtime: TLS verify, LSP deadlock, path traversal, ABI exception safety (W14)

W14 addresses the five most critical findings from the W13 plugin audits: - W14.1 network: enable ssl::verify_peer + SSL_set1_host SNI hostname verification (fixes TLS bypass, W13.3 CVSS 7.4); add steady_timer DNS timeout and bottom-up catch(...) hardening (engineer-zhou) - W14.2 lsp: fix reader_loop/stop mutex deadlock via stop_nolock/stop_locked split (W13.4); wrap 11 vtable/entry functions in try/catch with cv notification on reader exit (engineer-sun) - W14.3 tools: add is_safe_path() rejecting empty/absolute/.. paths before file_io calls (fixes path traversal, W13.5 CVSS 7.5); guard g_tools and g_session/g_history under mutex; 9 vtable try/catch (security-cao) - W14.4 host: add fallback plugin search (../plugins/) so binaries run from build/tests/ load current DLLs, resolving the W13.6 R2 stale-DLL false alarm (architect-lin) - W14.5 anthropic+deepseek: wrap 12 ABI boundary functions in try/catch with log-guard, preventing exceptions from crossing the C ABI (engineer-chen) Verified: cmake build 0 error 0 warning, ctest 4/4 pass, smoke R2 now passes naturally. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-27 12:03:50 +08:00
parent 47082376ef
commit 102cd3e141
12 changed files with 1230 additions and 702 deletions
--- a/agents/architect-lin/profile.md
+++ b/agents/architect-lin/profile.md
@@ -39,6 +39,9 @@ performance_log:
  - date: 2026-05-27
    event: "W12.2 完成：消除 config_plugin 与 ConfigStore 的 TOML 解析代码重复（提取共享头 toml_parse.h），消除双 store 数据孤岛（config plugin 委托 host store），修复 c_str() 悬垂指针（thread_local 缓存）。build 0 error，4/4 test pass"
    rating: completed
+  - date: 2026-05-27
+    event: "W14.4 完成：诊断 W12.2 双 store 整合未生效根因——测试加载了 build/tests/plugins/ 下 pre-W12.2 的旧 DLL，而非 build/plugins/ 下 post-W12.2 新 DLL。修复：host.cpp 新增插件目录 fallback 搜索（plugins/ -> ../plugins/），清理 build/tests/ 下陈旧产物。build 0 error，4/4 test pass，R2 由 WARN 变 PASS"
+    rating: completed
 current_groups:
  - grp-quality-core (成员)
  - grp-ai-plugins (待命)
--- a/agents/engineer-chen/profile.md
+++ b/agents/engineer-chen/profile.md
@@ -33,6 +33,19 @@ performance_log:
      - "编译: 0 error; 测试: smoke test passed"
      - "发现: initialize_all() 在首个插件失败时停止，使后续插件无法初始化 (预存 bug, 非本次引入)"
      - "发现: deepseek/session 插件 Boost JSON 链接错误 (预存问题, 与本次修复无关)"
+  - date: 2026-05-27
+    event: "W14.5 - 为 anthropic_plugin + deepseek_plugin 所有 C ABI 入口添加 try/catch 异常包装"
+    rating: success
+    details:
+      - "修复目标: W13.1 杨帆审计 6 个函数 + W13.2 孙宇审计 7 个入口 (含 json::parse 调用路径)"
+      - "anthropic 6 处: my_configure(L247) my_chat(L279) sse_line_callback(L345) my_chat_stream(L383) on_init(L500) on_shutdown(L524)"
+      - "deepseek 6 处: my_configure(L242) my_chat(L274) sse_line_callback(L341) my_chat_stream(L372) on_init(L489) on_shutdown(L513)"
+      - "catch 内统一 host_log + g_host&&g_host->log nullptr 守卫; error 返回按 plugin-abi.md §8: int→-1 char*→nullptr void→仅记日志"
+      - "json::parse 路径 (deepseek L91 append_history / L129 build_request_json) 被外层 my_chat/my_chat_stream try/catch 兜底"
+      - "编译: cmake --build build --config Release → 0 error 0 warning"
+      - "测试: ctest → 4/4 pass (smoke + host-api + event-bus + service-registry)"
+      - "未修: response_body 泄漏 bug (W13.1 TOP 2) / SSE [DONE] 精确匹配 (W13.2 TOP 2) — 留 W15 重构"
+      - "未修: 全局指针无同步 (g_host/g_http/g_config) / tool_use 静默丢弃 — 非本次范围"
  - date: 2026-05-27
    event: "W11.2 - 审计 config_plugin / ConfigStore 职责划分与跨 DLL 堆合规"
    rating: success
--- a/agents/engineer-sun/profile.md
+++ b/agents/engineer-sun/profile.md
@@ -38,4 +38,23 @@ current_groups: []
      核心发现：7 个 C ABI 入口均无 try/catch，畸形 tools_json → json::parse 异常 → std::terminate()。
      跨 DLL 堆/字符串生命周期 A 级合规；与 anthropic ~55% 重复，~230 行可抽取为 ai_plugin_base。
      综合评级 C+。报告写入 agents/audits/W13.2-deepseek-audit.md。
+  - date: 2026-05-27
+    event: "W14.2: 修复 lsp_plugin.cpp 致命死锁 (W13.4 审计发现) + vtable 异常包装"
+    rating: completed
+    details: |
+      死锁修复 (Option C — 拆分 stop_locked/stop 双版本):
+      - 原问题: g_lsp_impl_start L534 持 g_lsp.mutex (非递归) 调用 g_lsp_impl_stop, 后者 L570 再次 unique_lock 同 mutex → 自死锁。
+      - 修复: 拆分 g_lsp_impl_stop_nolock() (无锁体) + g_lsp_impl_stop() (公开接口) + g_lsp_impl_stop_locked(lock) (持锁调用者先 unlock 再 delegate _nolock)。
+      - timeout 路径 L541 改为 g_lsp_impl_stop_locked(lock) — 明确 invariant: lock 在调用点释放, _nolock 内部自行加锁。
+
+      异常安全包装 (try/catch 双层, 符合 plugin-abi.md §8):
+      - 7 个 service vtable: start / stop / open_document / close_document / get_diagnostics / get_hover / get_completion
+      - reader_loop: while 循环体入 try, 异常后仍设 running=false + notify_all 防 waiter 永久阻塞
+      - handle_message: 全函数体入 try
+      - on_shutdown: 全函数体入 try, 异常后仍置 g_host=nullptr
+      - int 返回函数: catch → -1; char** 返回函数: catch → *json_out=nullptr, return -1; void 函数: catch → 仅 log。
+
+      构建验证: cmake --build Release 0 error; ctest 4/4 pass。
+      L420-471 reader_loop, L481-559 start, L561-603 stop 三件套, L605-630 open, L632-655 close,
+      L657-683 diagnostics, L685-730 hover, L730-780 completion, L807-821 on_shutdown.
 ---
--- a/agents/engineer-zhou/profile.md
+++ b/agents/engineer-zhou/profile.md
@@ -35,5 +35,20 @@ performance_log:
      峰值内存: -67% (~360KB -> ~120KB), 无额外拷贝.
      留待真实 API 压测验证 end-to-end.
    rating: good
+  - date: 2026-05-27
+    event: "W14.1 - network_plugin TLS/DNS/exception 三修复 (W13.3 audit)"
+    detail: |
+      修复 W13.3 审计三个问题:
+      (1) TLS 证书验证 (CVSS 7.4): HttpClientCtx 构造添加 set_verify_mode(verify_peer);
+          handshake 前 SSL_set1_host 启用 hostname 验证; SNI/hostname-fail / handshake-fail
+          均 host_log(ERROR).
+      (2) DNS resolve 超时: 用 steady_timer + async_wait + resolver.cancel() 实现 10s 超时,
+         超时/失败均返回明确错误码.
+      (3) catch(...) 兜底: 在 catch(const std::exception&) 后追加 catch(...),
+         非 std 异常不再穿越 C ABI (对齐 plugin-abi.md §8).
+      编译 0 error 0 warning, ctest 4/4 pass.
+      无新增依赖. Windows 上 set_default_verify_paths 可能找不到系统 CA, 已加 TODO
+      建议设置 SSL_CERT_FILE 或 bundle cacert.pem.
+    rating: completed
 current_groups: []
 ---
--- a/agents/security-cao/profile.md
+++ b/agents/security-cao/profile.md
@@ -50,5 +50,18 @@ performance_log:
      命令注入: 未发现。路径遍历: tools 确认。
      评级 session:D+ / tools:D。
      报告: agents/audits/W13.5-session-tools-audit.md
+	  - date: 2026-05-27
+	    event: "W14.3: 修复 W13.5 审计发现 — 路径遍历 + 全局状态加锁 + 9 vtable try/catch"
+	    rating: done
+	    detail: |
+	      修改 session_plugin.cpp (294行) + tools_plugin.cpp (292行)。
+	      (1) is_safe_path() 拒绝空路径、绝对路径(/或盘符)、含..段，lexically_normal二次校验；
+	      builtin_file_read(L50) 和 builtin_file_write(L85) 入口调用，不安全→log ERROR + 返回错误JSON。
+	      (2) 加锁: session g_history/g_cached_history→g_session_mutex; tools g_tools→g_tools_mutex;
+	      g_host/g_file_io→std::atomic<T*> load(acquire)/store(release)。
+	      (3) 9 vtable try/catch 覆盖: session_add/save/load/history (session) +
+	      tools_register_tool/unregister_tool/get_tools_json/execute/on_init (tools)。
+	      编译: cmake --build build --config Release → 0 error 0 warning。
+	      ctest -C Release → 4/4 pass。
 current_groups: []
 ---