fix: review findings — NaN threshold guard, percent-escape rejection in upstream model ids
- Segment: reject NaN thresholds (NaN fails every comparison, so it passed the [0,1] range check and reached the shim as the literal string "NaN"); ±Inf were already caught by the range comparisons, now covered by tests too. - upstreamPath: reject '%' in model ids — %2F/%2E%2E percent-escapes decode back into path structure server-side, bypassing the literal /?#/.. rejection. Ids never legitimately contain '%'. Co-Authored-By: Claude Fable 5 <[email protected]> Claude-Session: https://claude.ai/code/session_01WWCQcYStWXBYUy5sZWnbLT
This commit is contained in:
@@ -16,12 +16,14 @@ import (
|
||||
//
|
||||
// Why reject rather than escape: same rationale as Unload — model ids
|
||||
// legitimately contain ":" but never path-structure characters, and escaping
|
||||
// would mask a config error instead of surfacing it.
|
||||
// would mask a config error instead of surfacing it. '%' is rejected too:
|
||||
// ids never legitimately carry percent-escapes, and %2F/%2E%2E would decode
|
||||
// back into path structure on the server side.
|
||||
func upstreamPath(model, rest string) (string, error) {
|
||||
if strings.TrimSpace(model) == "" {
|
||||
return "", fmt.Errorf("llama-swap: upstream call requires a model id")
|
||||
}
|
||||
if strings.ContainsAny(model, "/?#") || strings.Contains(model, "..") {
|
||||
if strings.ContainsAny(model, "/?#%") || strings.Contains(model, "..") {
|
||||
return "", fmt.Errorf("llama-swap: invalid model id %q for upstream call (contains a path separator)", model)
|
||||
}
|
||||
if !strings.HasPrefix(rest, "/") {
|
||||
|
||||
Reference in New Issue
Block a user