Skip to content

fix(mcp): keep available_projects error JSON valid when many projects (#235)#735

Merged
DeusData merged 1 commit into
mainfrom
fix/available-projects-json-truncation
Jul 1, 2026
Merged

fix(mcp): keep available_projects error JSON valid when many projects (#235)#735
DeusData merged 1 commit into
mainfrom
fix/available-projects-json-truncation

Conversation

@DeusData

@DeusData DeusData commented Jul 1, 2026

Copy link
Copy Markdown
Owner

Malformed-JSON bug in the "project not found" error, found while exercising the new CLI flags against a cache with 280 indexed projects.

Bug: collect_db_project_names builds the error's available_projects list into a fixed 4 KB buffer. On overflow, snprintf truncated the last name mid-token and the code clamped offset to the buffer end — so the error response was unterminated, invalid JSON (…,"tmp-cb],"count":50}) once enough projects were indexed to overflow the buffer. A client parsing the error would fail.

Fix: write element-boundary — before each name, require the whole element (optional leading comma + quoted name + NUL) to fit; otherwise stop at that boundary. The array then always holds complete names and count == its length → always valid JSON (just fewer names when full; the hint already points callers to list_projects for the full set).

Reproduce-first: tool_bad_project_error_valid_json_issue235 — 50 dbs with ~120-char internal names (well over 4 KB), triggers the error, asserts the response parses as JSON and available_projects is an array with length == count. RED before (yyjson_read → NULL on the truncated buffer), GREEN after. The existing tool_bad_project_name_no_overflow_issue235 (buffer-bounds guard) still passes. Full suite 5736 / 0.

Follow-up from the CLI-reliability series (#640/#680/#704/#719).

…#235)

collect_db_project_names built the "project not found or not indexed" error's
available_projects list into a fixed 4 KB buffer and, on overflow, let snprintf
truncate the last name mid-token then clamped offset to the buffer end -- so the
error response was malformed, unterminated JSON (e.g. ...,"tmp-cb],"count":50})
whenever enough projects were indexed to overflow the buffer. A client parsing
the error would fail. Found while exercising the CLI against a cache with 280
indexed projects.

Write element-boundary instead: before each name, require the whole element
(optional leading comma + the quoted name + NUL) to fit in the remaining buffer;
otherwise stop at that boundary. The array then always holds only complete names
and count == its length, so the JSON is always valid (just fewer names when the
buffer is full -- callers can run list_projects for the complete set).

Reproduce-first: tool_bad_project_error_valid_json_issue235 builds 50 dbs with
~120-char internal names (well over 4 KB), triggers the error, and asserts the
response parses as JSON and available_projects is an array with length == count.
RED before (yyjson_read returns NULL on the truncated buffer), GREEN after. The
existing tool_bad_project_name_no_overflow_issue235 (buffer bounds) still passes.
Full suite 5736/0.

Signed-off-by: Martin Vogel <martin.vogel.tech@gmail.com>
@DeusData DeusData merged commit 4e3c417 into main Jul 1, 2026
15 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant