fix: char-boundary-safe truncation in reader quotes and activity/history (crashes on multibyte)#115
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
|
Warning Review limit reached
Next review available in: 30 minutes Enable usage-based reviews in Billing to review now. Otherwise, wait until the next included review is available. How can I continue?After more reviews become available, a review can be triggered using the To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based reviews. How do review limits work?CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability. For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window. Please refer docs for additional details. Review details⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (3)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
1 issue found across 3 files
Prompt for AI agents (unresolved issues)
Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.
<file name="crates/daemon/src/commands/activity.rs">
<violation number="1" location="crates/daemon/src/commands/activity.rs:193">
P2: Large relative-duration inputs can panic or produce a wrapped timestamp because each unit conversion multiplies `n` unchecked. Return `None` on overflow so `parse_time_input` reports invalid input instead.</violation>
</file>
Reply with feedback, questions, or to request a fix.
Re-trigger cubic
| 's' => n * 1_000, | ||
| 'm' => n * 60_000, | ||
| 'h' => n * 3_600_000, | ||
| 'd' => n * 86_400_000, | ||
| 'w' => n * 7 * 86_400_000, | ||
| _ => return None, | ||
| }; | ||
| Some(ms) |
There was a problem hiding this comment.
P2: Large relative-duration inputs can panic or produce a wrapped timestamp because each unit conversion multiplies n unchecked. Return None on overflow so parse_time_input reports invalid input instead.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At crates/daemon/src/commands/activity.rs, line 193:
<comment>Large relative-duration inputs can panic or produce a wrapped timestamp because each unit conversion multiplies `n` unchecked. Return `None` on overflow so `parse_time_input` reports invalid input instead.</comment>
<file context>
@@ -182,14 +182,19 @@ fn parse_duration_ms(s: &str) -> Option<i64> {
- "h" => n * 3_600_000,
- "d" => n * 86_400_000,
- "w" => n * 7 * 86_400_000,
+ 's' => n * 1_000,
+ 'm' => n * 60_000,
+ 'h' => n * 3_600_000,
</file context>
677c559 to
603f172
Compare
Problem
Three byte-index panics on multibyte input (mail-derived or user-typed):
quotes.rsextract_from_on_wrote:rfind("wrote:")offset came from ato_lowercase()copy but sliced the ORIGINAL header;to_lowercase()can change byte length (İU+0130 grows) → slice off a char boundary → panic rendering a quoted reply.activity.rs:&t[..t.len().min(12)]byte-sliced a mail-derivedtarget_id(IDN email, unicode snippet) → panic inmxr activity.split_at(len-1)on a multibyte unit (3日,5м) → panic.Fix
"wrote:"(ASCII) as a byte offset in the original viawindows().rposition(|w| w.eq_ignore_ascii_case(b"wrote:"))— ASCII match start is a valid char boundary; original case preserved.t.chars().take(12).collect().let unit = s.chars().last()?; &s[..s.len() - unit.len_utf8()](the char-safe idiom already used insenders.rs); non-ASCII unit → clean parse error, no panic.Regression test per bug (İ×7,
3日/5м, IDNtarget_id). reader (6) + mxr activity/history (16) tests pass; clippy clean.CI note: workspace clippy red on pre-existing 1.97 lints until #111 merges; will rebase.
Summary by cubic
Fixes crashes caused by multibyte characters by making quote detection and activity/history truncation and parsing char-boundary safe. Unicode names, IDN emails, and non-ASCII duration units no longer crash the CLI.
to_lowercase(); preserves the original case.target_idwithchars().take(12)to avoid cutting inside a multibyte character.s/m/h/d/w); non-ASCII units now return a clean error instead of panicking.Written for commit 603f172. Summary will update on new commits.