fix: harden crypto input validation#30

Merged
koistya merged 3 commits into main from dev on Dec 9, 2025

@koistya koistya commented Dec 9, 2025

Summary

  • formatFence: Reject invalid inputs before BigInt() conversion
  • makeStorageKey: Validate numeric config parameters
  • Bump version to 2.5.3

Changes

formatFence hardening — fixes contract violations:

formatFence(-0.1)    // was: "000000000000000", now: throws LockError
formatFence(NaN)     // was: RangeError leaked, now: throws LockError
formatFence(42.9)    // was: "000000000000042", now: throws LockError

makeStorageKey validation — prevents limit bypass:

makeStorageKey("p", "k", -100, 0)  // now throws: "backendLimitBytes must be a positive integer"
makeStorageKey("p", "k", 1000, NaN) // now throws: "reserveBytes must be a non-negative integer"

New constant FENCE_FORMAT_MAX (10^15-1) distinguishes the format limit from FENCE_THRESHOLDS.MAX (9e14) operational limit.

Test coverage

All edge cases covered: NaN, Infinity, negative fractions, non-integers, invalid config.

- Rename misleading "should handle lookup consistently within tolerance
  window" to "should return lock info for active lock"
- Move Storage Key Consistency tests from E2E to new crypto.test.ts
- Add comprehensive unit tests for generateLockId, hashKey, formatFence
- formatFence: reject non-finite, non-integer, and negative values
  before BigInt conversion (prevents leaked RangeError, fixes -0.1→0 bug)
- makeStorageKey: validate backendLimitBytes (positive int) and
  reserveBytes (non-negative int) to prevent limit bypass
- Add FENCE_FORMAT_MAX constant (10^15-1) distinct from operational
  FENCE_THRESHOLDS.MAX (9e14)
- Update tests for stricter contracts
- Bump version to 2.5.3
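
The two failure modes described in the PR summary, as an added JavaScript sketch that is not the project's code: a lenient numeric conversion that truncates or leaks RangeError, and a size comparison that NaN silently disables. The LockError shape, the accepted input types, and the helpers formatFenceLenient, formatFenceStrict, exceedsBudgetLenient and keyBudget are hypothetical; only the error messages, FENCE_FORMAT_MAX and the 15-digit output come from the PR text.

```javascript
// Added illustration, not the project's code. LockError's shape, the accepted
// input types and the lenient variants are assumptions based on the PR text.
class LockError extends Error {
  constructor(message) {
    super(message);
    this.name = "LockError";
  }
}

const FENCE_FORMAT_MAX = 10n ** 15n - 1n; // 10^15-1: largest 15-digit value

// Assumed "before" shape: truncation hides bad input, BigInt(NaN) leaks RangeError.
function formatFenceLenient(value) {
  return BigInt(Math.trunc(value)).toString().padStart(15, "0");
}

// Strict form: all rejections happen before BigInt() and use one error type.
function formatFenceStrict(value) {
  if (typeof value !== "bigint") {
    if (typeof value !== "number" || !Number.isFinite(value)) {
      throw new LockError("fence must be a finite number or bigint");
    }
    if (!Number.isInteger(value)) throw new LockError("fence must be an integer");
  }
  if (value < 0) throw new LockError("fence must be non-negative");
  const fence = BigInt(value);
  if (fence > FENCE_FORMAT_MAX) throw new LockError("fence exceeds 15 digits");
  return fence.toString().padStart(15, "0");
}

// Size check without validation (assumed shape): NaN makes every comparison
// false, so no key is ever reported as too long.
function exceedsBudgetLenient(keyBytes, backendLimitBytes, reserveBytes) {
  return keyBytes > backendLimitBytes - reserveBytes;
}

// Validated budget, using the error messages quoted in the PR.
function keyBudget(backendLimitBytes, reserveBytes) {
  if (!Number.isInteger(backendLimitBytes) || backendLimitBytes <= 0) {
    throw new LockError("backendLimitBytes must be a positive integer");
  }
  if (!Number.isInteger(reserveBytes) || reserveBytes < 0) {
    throw new LockError("reserveBytes must be a non-negative integer");
  }
  return backendLimitBytes - reserveBytes;
}
```
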

codecov bot commented Dec 9, 2025

Codecov Report

❌ Patch coverage is 94.11765% with 2 lines in your changes missing coverage. Please review.
✅ Project coverage is 76.63%. Comparing base (549ad5f) to head (47e4cb4).
⚠️ Report is 1 commits behind head on main.

Files with missing lines Patch % Lines
common/crypto.ts 93.93% 2 Missing ⚠️
Additional details and impacted files

@@            Coverage Diff             @@
##             main      #30      +/-   ##
==========================================
+ Coverage   76.37%   76.63%   +0.26%     
==========================================
  Files          42       42              
  Lines        2688     2718      +30     
==========================================
+ Hits         2053     2083      +30     
  Misses        635      635              
Flag Coverage Δ
contracts-firestore 47.05% <50.00%> (-0.01%) ⬇️
contracts-postgres 42.96% <35.29%> (-0.06%) ⬇️
contracts-redis 40.21% <35.29%> (-0.01%) ⬇️
e2e 58.92% <50.00%> (-0.16%) ⬇️
unit 64.92% <100.00%> (+0.55%) ⬆️

Flags with carried forward coverage won't be shown.

Files with missing lines Coverage Δ
common/constants.ts 100.00% <100.00%> (ø)
common/crypto.ts 92.03% <93.93%> (+2.74%) ⬆️

@koistya koistya merged commit af0df3f into main Dec 9, 2025
13 checks passed
@koistya koistya deleted the dev branch December 9, 2025 10:54