fix(holographic): sanitize FTS5 queries, fix entity wildcard matching, close DB on shutdown #6667
Open
aaronlab wants to merge 1 commit into
…ies, close DB on shutdown

- store.search_facts: wrap FTS5 query tokens in double quotes to neutralize operators (AND, OR, NOT, NEAR, *, column filters) that could cause query injection, crashes, or cross-column exfiltration
- store._resolve_entity: replace LIKE with = COLLATE NOCASE for entity name matching — LIKE treats % and _ in entity names as wildcards, causing incorrect entity resolution (e.g., "100% Complete" matches "1000 Complete")
- store._resolve_entity: replace alias LIKE pattern with INSTR for exact substring matching — same wildcard bug in alias resolution
- __init__.shutdown: call store.close() before setting to None, preventing SQLite connection and WAL file leak on plugin shutdown

Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
Summary

- Sanitize FTS5 `MATCH` queries by wrapping tokens in double quotes
- Replace `LIKE` with `= COLLATE NOCASE` for entity name matching, and `INSTR` for alias matching
- Call `store.close()` before setting to `None` in plugin shutdown

Details

FTS5 query injection (HIGH)

`search_facts()` passes raw user input to `WHERE facts_fts MATCH ?`. FTS5's MATCH accepts a mini-language with operators (`AND`, `OR`, `NOT`, `NEAR()`, column filters like `content:`, prefix `*`). A query like `NOT *` crashes with a syntax error; `tags:secret` exfiltrates data across columns.

Fix: wrap each whitespace-delimited token in double quotes, stripping any embedded quotes first. This preserves word-level matching while neutralizing all FTS5 operators.

Entity name wildcard matching (HIGH)

`_resolve_entity` uses `WHERE name LIKE ?` for case-insensitive matching. But `LIKE` treats `%` and `_` as wildcards. Entity name `"100% Complete"` matches `"1000 Complete"`, `"100X Complete"`, etc. — linking facts to wrong entities.

Fix: use `WHERE name = ? COLLATE NOCASE` for exact case-insensitive matching.

Alias wildcard matching (HIGH)

The alias search uses `WHERE ',' || aliases || ',' LIKE '%,' || ? || ',%'` — the user-supplied name is treated as a LIKE pattern. `name = "%"` matches every entity with any alias.

Fix: use `INSTR(',' || LOWER(aliases) || ',', ',' || LOWER(?) || ',') > 0` for exact substring matching.

Shutdown resource leak (MEDIUM)

`HolographicMemoryProvider.shutdown()` sets `self._store = None` without closing the SQLite connection, leaking the connection and WAL file until GC.

Fix: call `self._store.close()` before nulling.

Test plan

- `search_facts("NOT *")` returns empty (not crash)
- `"100% Complete"` doesn't match `"1000 Complete"`
- `%` doesn't match all entities
- `pytest tests/ -q`

🤖 Generated with Claude Code
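The token-quoting sanitizer and the wildcard-free entity lookup described in this PR, written out as an added example that is not the project's own code. The `entities` table, its column names, the sample rows and the `open_demo_db` helper are constructed assumptions; the pre-fix `LIKE` lookup is kept beside the fixed one so the collision can be reproduced.

```python
import sqlite3


def sanitize_fts5_query(raw: str) -> str:
    """Neutralize FTS5 operators: each whitespace-delimited token becomes a
    quoted string, which FTS5 treats as a literal phrase rather than as AND/
    OR/NOT/NEAR, a column filter (tags:) or a prefix (*). Embedded double
    quotes are stripped first, because a quote inside an FTS5 string must be
    doubled to be literal and would otherwise terminate the string early."""
    tokens = (t.replace('"', "") for t in raw.split())
    return " ".join(f'"{t}"' for t in tokens if t)


def open_demo_db() -> sqlite3.Connection:
    """Constructed sample data (an assumption, not the plugin's schema): two
    entities whose names collide only if '%' is read as a LIKE wildcard."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE entities (id INTEGER PRIMARY KEY, name TEXT, aliases TEXT)")
    conn.executemany(
        "INSERT INTO entities (name, aliases) VALUES (?, ?)",
        [("100% Complete", "done,finished"), ("1000 Complete", "thousand")],
    )
    return conn


def resolve_entity_like(conn, name):
    """Pre-fix lookup: LIKE interprets % and _ inside the user-supplied name."""
    rows = conn.execute("SELECT id FROM entities WHERE name LIKE ?", (name,))
    return [r[0] for r in rows]


def resolve_entity_exact(conn, name):
    """Fixed lookup: exact case-insensitive name match, then INSTR over the
    comma-delimited alias list; neither treats any character as a pattern."""
    row = conn.execute(
        "SELECT id FROM entities WHERE name = ? COLLATE NOCASE", (name,)
    ).fetchone()
    if row is None:
        row = conn.execute(
            "SELECT id FROM entities "
            "WHERE INSTR(',' || LOWER(aliases) || ',', ',' || LOWER(?) || ',') > 0",
            (name,),
        ).fetchone()
    return row[0] if row else None


if __name__ == "__main__":
    db = open_demo_db()
    print(sanitize_fts5_query("NOT * tags:secret"))   # "NOT" "*" "tags:secret"
    print(resolve_entity_like(db, "100% Complete"))   # [1, 2]: wildcard collision
    print(resolve_entity_exact(db, "100% Complete"))  # 1
```

Quoting every token also disables intentional prefix (`term*`) and column-filter queries, which is the trade-off the PR accepts in exchange for removing the whole operator surface.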