security: path traversal guard, MCP audit logging, chmod warning #709
Open
EstbanIsLife wants to merge 1 commit into
- Reject `..` in DatabaseConnection paths and enforce .db extension to prevent path traversal via initialize/open.
- Log every MCP tool call to stderr (timestamp, pid, tool name) so unexpected invocations are visible in daemon logs.
- Surface daemon socket chmod failure as a stderr warning instead of silently swallowing it.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Summary
- `src/db/index.ts`: `DatabaseConnection.initialize()` and `.open()` now reject paths containing `..` and paths without a `.db` extension, preventing a caller from being tricked into opening an arbitrary file as a SQLite database.
- `src/mcp/session.ts`: Every tool invocation now writes a line to stderr with ISO timestamp, process PID, and tool name, making unexpected calls visible in daemon logs.
- `src/mcp/daemon.ts`: The `fs.chmodSync(0o600)` failure was swallowed silently. It now emits a stderr warning so permission issues on shared/network filesystems do not go unnoticed.

All three issues were identified during a static security review of the codebase.
Test plan
- `npm run build` passes without errors
- `DatabaseConnection.initialize('../../../etc/passwd')` throws `Invalid database path: path traversal not allowed`
- `DatabaseConnection.initialize('/tmp/test.txt')` throws `Invalid database path: must have .db extension`
- `.codegraph/codegraph.db` still works normally

Generated with Claude Code
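A reviewer's sketch of the path check, added here as an example and not taken from the PR's code: `describedGuard` reconstructs the check from the summary (assuming `..` is matched as a substring), and `resolveInsideBase` is a hypothetical stricter variant that also requires the resolved path to stay under an allowed base directory. The function names and the `/srv/project` root are assumptions.

```typescript
import * as path from "node:path";

// Check as the PR summary describes it. Assumption: ".." is matched as a substring.
function describedGuard(p: string): string {
  if (p.includes("..")) {
    throw new Error("Invalid database path: path traversal not allowed");
  }
  if (path.extname(p) !== ".db") {
    throw new Error("Invalid database path: must have .db extension");
  }
  return p;
}

// Hypothetical stricter variant: resolve the path against an allowed base
// directory and require the result to stay inside it. Symlinks are not
// followed here; a caller that needs that would compare fs.realpathSync results.
function resolveInsideBase(baseDir: string, candidate: string): string {
  if (candidate.includes("\0")) {
    throw new Error("Invalid database path: NUL byte");
  }
  const base = path.resolve(baseDir);
  const resolved = path.resolve(base, candidate);
  const rel = path.relative(base, resolved);
  // rel starts with ".." when resolved is outside base; it is absolute when
  // the two paths are on different Windows drives.
  if (rel === ".." || rel.startsWith(".." + path.sep) || path.isAbsolute(rel)) {
    throw new Error("Invalid database path: outside " + base);
  }
  if (path.extname(resolved) !== ".db") {
    throw new Error("Invalid database path: must have .db extension");
  }
  return resolved;
}

// Helper for the constructed cases below: true when the check does not throw.
function accepts(check: () => unknown): boolean {
  try { check(); return true; } catch { return false; }
}

// Constructed sample paths; /srv/project is an assumed project root.
const BASE = "/srv/project";
const SAMPLES = ["../../../etc/passwd", "/tmp/test.txt", ".codegraph/codegraph.db",
  "/tmp/other.db", "../project-old/x.db"];
for (const p of SAMPLES) {
  console.log(p, accepts(() => describedGuard(p)), accepts(() => resolveInsideBase(BASE, p)));
}
```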