vestige/crates
Sam Valladares a3750378bd fix(audit): 16 verified panic/DoS/correctness bugs (swarm, trivial tier)
All verified against real code before fixing (49/95 CRITICAL+HIGH confirmed
real; the rest were false positives). This is the low-risk batch:

panics/DoS:
- backfill: clamp scan_limit to [10,5000] + lookback to [1,365] (negative
  scan_limit => SQLite LIMIT -1 => unbounded fetch = DoS)
- trace_recorder/phases: char-boundary-safe truncation (byte-slice &s[..n]
  panics on multi-byte UTF-8)
- compression: saturating_sub on bytes_saved (short inputs compress larger)
- redmine list_live_ids: u64 offset + wrap/page-cap guards (u32 wrap => infinite
  loop + unbounded alloc)
- speculative file_memory_map: dedup + cap (was unbounded growth)

correctness:
- dreams stage1_replay: select most-recent-N then order, not first-N-then-sort
- prediction_error: count total_evaluations in direct evaluate_with_intent
  branches (rates could exceed 1.0)
- relationships: reject duplicate ids (silent overwrite corrupted the index)
- github: validate owner/repo charset (raw URL-path interpolation)
- reconsolidation: document the (already-correct) idempotency via remove()

core 535/0, mcp 453/0, clippy clean.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-28 14:03:54 -05:00
..
vestige-core fix(audit): 16 verified panic/DoS/correctness bugs (swarm, trivial tier) 2026-06-28 14:03:54 -05:00
vestige-mcp fix(audit): 16 verified panic/DoS/correctness bugs (swarm, trivial tier) 2026-06-28 14:03:54 -05:00