pulsareon/dstalk
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Harden plugin runtime: TLS verify, LSP deadlock, path traversal, ABI exception safety (W14)
Some checks failed
CI / Determine matrix (push) Has been cancelled
Details
CI / ${{ matrix.os }} / ${{ matrix.build_type }} (push) Has been cancelled
Details

Browse Source 
W14 addresses the five most critical findings from the W13 plugin audits:

- W14.1 network: enable ssl::verify_peer + SSL_set1_host SNI hostname
  verification (fixes TLS bypass, W13.3 CVSS 7.4); add steady_timer DNS
  timeout and bottom-up catch(...) hardening (engineer-zhou)
- W14.2 lsp: fix reader_loop/stop mutex deadlock via stop_nolock/stop_locked
  split (W13.4); wrap 11 vtable/entry functions in try/catch with cv
  notification on reader exit (engineer-sun)
- W14.3 tools: add is_safe_path() rejecting empty/absolute/.. paths before
  file_io calls (fixes path traversal, W13.5 CVSS 7.5); guard g_tools and
  g_session/g_history under mutex; 9 vtable try/catch (security-cao)
- W14.4 host: add fallback plugin search (../plugins/) so binaries run from
  build/tests/ load current DLLs, resolving the W13.6 R2 stale-DLL false
  alarm (architect-lin)
- W14.5 anthropic+deepseek: wrap 12 ABI boundary functions in try/catch with
  log-guard, preventing exceptions from crossing the C ABI (engineer-chen)

Verified: cmake build 0 error 0 warning, ctest 4/4 pass, smoke R2 now
passes naturally.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
XiuChengWu
2026-05-27 12:03:50 +08:00
parent 47082376ef
commit 102cd3e141
12 changed files with 1230 additions and 702 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
agents/engineer-chen/profile.md
View File

@@ -33,6 +33,19 @@ performance_log:
- "编译: 0 error; 测试: smoke test passed"
- "发现: initialize_all() 在首个插件失败时停止,使后续插件无法初始化 (预存 bug, 非本次引入)"
- "发现: deepseek/session 插件 Boost JSON 链接错误 (预存问题, 与本次修复无关)"
- date: 2026-05-27
event: "W14.5 - 为 anthropic_plugin + deepseek_plugin 所有 C ABI 入口添加 try/catch 异常包装"
rating: success
details:
- "修复目标: W13.1 杨帆审计 6 个函数 + W13.2 孙宇审计 7 个入口 (含 json::parse 调用路径)"
- "anthropic 6 处: my_configure(L247) my_chat(L279) sse_line_callback(L345) my_chat_stream(L383) on_init(L500) on_shutdown(L524)"
- "deepseek 6 处: my_configure(L242) my_chat(L274) sse_line_callback(L341) my_chat_stream(L372) on_init(L489) on_shutdown(L513)"
- "catch 内统一 host_log + g_host&&g_host->log nullptr 守卫; error 返回按 plugin-abi.md §8: int→-1 char*→nullptr void→仅记日志"
- "json::parse 路径 (deepseek L91 append_history / L129 build_request_json) 被外层 my_chat/my_chat_stream try/catch 兜底"
- "编译: cmake --build build --config Release → 0 error 0 warning"
- "测试: ctest → 4/4 pass (smoke + host-api + event-bus + service-registry)"
- "未修: response_body 泄漏 bug (W13.1 TOP 2) / SSE [DONE] 精确匹配 (W13.2 TOP 2) — 留 W15 重构"
- "未修: 全局指针无同步 (g_host/g_http/g_config) / tool_use 静默丢弃 — 非本次范围"
- date: 2026-05-27
event: "W11.2 - 审计 config_plugin / ConfigStore 职责划分与跨 DLL 堆合规"
rating: success