dstalk/agents/audits/findings-registry.md

Audit Findings Registry

维护人: grp-quality-core (王测) 格式定义: 见 agents/WORKFLOW.md §14.2 最后更新: 2026-05-27 (W17.3 王测，验证 W14 修复并关闭 F-13.1-1/4 + F-13.2-1/2 + F-11.7-2)

---

Open Findings

ID	Severity	Source	Title	Status	Assigned To	Fix Wave	Verified By
F-11.7-3	LOW	W11.7-destructive-test.md	/context silent no-output when session unavailable; no else branch — main.cpp:175-185	OPEN	—	—	—
F-11.7-4	LOW	W11.7-destructive-test.md	/file write (no args) matched as unknown command instead of usage hint	OPEN	—	—	—
F-11.1-3	MEDIUM	W11.1-context-audit.md	context_set_max_tokens死API，g_max_tokens从未被读取（L21/L243-244）	OPEN	—	—	—
F-11.1-4	LOW	W11.1-context-audit.md	UTF-8解码无越界保护（L42-64, L96-104），多字节序列假设后续字节有效	OPEN	—	—	—
F-11.1-5	LOW	W11.1-context-audit.md	token计数逻辑重复（L34-68 vs L91-106 ~90%重复）	OPEN	—	—	—
F-11.1-6	LOW	W11.1-context-audit.md	0xC0/0xC1过短编码未识别（L52, L100），仅影响token估算计数	OPEN	—	—	—

---

Closed Findings

Closed Findings 表必须包含 Close Date 字段（格式 YYYY-MM-DD），记录发现关闭日期。字段定义见 WORKFLOW.md §14.1。

ID	Severity	Source	Title	Close Date	Fix Wave	Verified By
F-11.7-1	CRITICAL	W11.7-destructive-test.md	build/bin/dstalk-cli.exe corrupt copy (MD5 d8e8c92b vs 803ca2ea); all commands treated as AI prompt, exit code always 3	2026-05-27	W12.4	security-cao
F-11.1-1	HIGH	W11.1-context-audit.md	C++ exception (std::bad_alloc)穿越ABI边界，违反plugin-abi §5.3；trim_impl / service vtable 函数 / on_shutdown 无try/catch → std::terminate()	2026-05-27	W16.2	engineer-sun
F-11.1-2	HIGH	W11.1-context-audit.md	strdup返回值未检查，OOM时静默失败+泄漏；L138-141/L219-222 循环内4次strdup无nullptr检查	2026-05-27	W16.3	engineer-chen
F-13.3-1	CRITICAL	W13.3-network-audit.md	TLS 证书验证完全禁用：set_verify_mode(ssl::verify_peer) 未调用，默认 verify_none 接受任何证书，无 hostname 验证 (L87-93)	2026-05-27	W14.1	security-cao
F-13.3-2	HIGH	W13.3-network-audit.md	DNS 解析无超时：resolver.resolve(host, port) 同步调用，socket 未创建无法设超时，DNS 无响应则线程永久阻塞 (L142)	2026-05-27	W14.1	security-cao
F-13.3-3	MEDIUM	W13.3-network-audit.md	异常处理缺 catch(...) 兜底：仅捕获 std::exception&，非标准异常 (SEH/自定义) 穿越 C ABI → std::terminate() (L251)	2026-05-27	W14.1	security-cao
F-11.7-2	MEDIUM	W11.7-destructive-test.md	/clear reports [OK] even when session unavailable (g_session==null) — main.cpp:168-172	2026-05-27	W17.3	qa-wang
F-13.1-1	HIGH	W13.1-anthropic-audit.md	6 C ABI functions zero try/catch protection (§8): my_configure/my_chat/my_chat_stream/sse_line_callback/on_init/on_shutdown -- any std::bad_alloc → std::terminate()	2026-05-27	W14.5	qa-wang
F-13.1-4	MEDIUM	W13.1-anthropic-audit.md	sse_line_callback no exception protection (L326 std::string alloc): relies on network plugin try/catch as fragile assumption	2026-05-27	W14.5	qa-wang
F-13.2-1	HIGH	W13.2-deepseek-audit.md	C++ exceptions cross C ABI boundary (§8): json::parse(tools_json) in build_request_json (L129) and json::parse(tool_calls_json) in append_history (L91) can throw → std::terminate()	2026-05-27	W14.5	qa-wang
F-13.2-2	MEDIUM	W13.2-deepseek-audit.md	Asymmetric exception protection: parse_response has internal try/catch but build_request_json does not (L129 json::parse unprotected)	2026-05-27	W14.5	qa-wang
F-13.2-3	MEDIUM	W13.2-deepseek-audit.md	SSE [DONE] sentinel exact match too brittle (L213): trailing spaces prevent match → stream never terminates → caller hang	2026-05-27	W17.2	engineer-zhao
F-13.2-4	MEDIUM	W13.2-deepseek-audit.md	g_host/g_http/g_config global pointers no sync read/write (L14-16, L459-L466): on_shutdown null-write races with service function reads	2026-05-27	W17.2	engineer-zhao
F-13.1-2	HIGH	W13.1-anthropic-audit.md	response_body leak in my_chat error path: ret!=0 returns without freeing response_body	2026-05-27	W17.4	—
F-13.1-3	HIGH	W13.1-anthropic-audit.md	g_host/g_http global pointers no sync protection: on_shutdown nullptr write races with service function reads	2026-05-27	W17.4	—

---

Change Log

Date	Change	Author
2026-05-27	W15.2 初始化，从 W11.1/W11.7 提取 10 条发现	王测 (qa-wang)
2026-05-27	W16.1: F-11.7-1 状态 CLOSED，W12.4 已彻底修复 build 产物路径不一致，验证通过	曹武 (security-cao)
2026-05-27	W16.2: F-11.1-1 状态 FIXED，context_set_max_tokens / on_shutdown 添加 try/catch 包装	孙宇 (engineer-sun)
2026-05-27	W16.3: F-11.1-2 状态 FIXED，strdup OOM 检查在 W12.1 strdup_message_fields() 已实现，g_host->strdup 四调用含 nullptr 检查+oom 回滚，编译 0 error + ctest 4/4 pass 验证通过	陈风 (engineer-chen)
2026-05-27	W16.6: 从 W13.1/W13.2 审计报告提取 8 条 MEDIUM+ 发现录入 Open 分区；F-13.1-1/F-13.1-4/F-13.2-1/F-13.2-2 标注 Fix Wave W14（ABI 异常安全已在 W14.5 修复）	赵码 (engineer-zhao)
2026-05-27	W17.1: F-13.3-1/F-13.3-2/F-13.3-3 状态 CLOSED — W14.1 周岩已修复全部 3 项（TLS verify_peer + SSL_set1_host、DNS steady_timer 10s 超时、catch(...) 兜底），编译 0 error + ctest 4/4 pass 验证通过	曹武 (security-cao)
2026-05-27	W17.3: F-13.1-1/F-13.1-4/F-13.2-1/F-13.2-2 状态 CLOSED — W14.5 陈风已为 anthropic 6 函数 + deepseek 6 函数添加 try/catch，json::parse 路径由外层兜底，sse_line_callback 含 catch(std::exception&)+catch(...)；F-11.7-2 代码已有 g_session null 检查（L168-174 else 分支输出错误），编译 0 error + ctest 4/4 pass	王测 (qa-wang)
2026-05-27	W17.2: F-13.2-3/F-13.2-4 状态 FIXED — SSE [DONE] sentinel 改为 trim-后精确比较，g_host/g_http/g_config 全局指针改为 std::atomic load(acquire)/store(release) 保护	赵码 (engineer-zhao)
2026-05-27	W17.4: F-13.1-2/F-13.1-3 状态 FIXED — my_chat ret!=0 路径释放 response_body，g_host/g_http 改为 std::atomic load(acquire)/store(release) 保护，编译 0 error + ctest 4/4 pass	马奔 (devops-ma)