Fix code review findings: panics, detection gaps, and installer issues#12
Fix code review findings: panics, detection gaps, and installer issues#12
Conversation
- Add UTF-8 safe truncation via util.rs::truncate_bytes to prevent panics
on multi-byte characters in audit.rs, terminal.rs, environment.rs,
and the new last_trigger.rs module
- Fix ANSI evidence filter using .contains("escape") instead of "ANSI"
- Strengthen allowlist matching to use host/subdomain boundaries,
preventing evil-github.com from matching github.com allowlist entry
- Add sudo env bash detection via resolve_env_from_args helper
- Expand Docker value-taking flags (~45 flags) to prevent misparsing
images when flags like --name are used
- Add SHA256 checksum verification to Windows installer (install.ps1)
- Add base-devel to AUR PKGBUILD makedepends for ring crate compilation
- Fix bash hook terminal echo in gcloud ssh by saving/restoring stty
- Consolidate duplicate levenshtein implementations into util.rs
- Extract write_last_trigger into shared last_trigger.rs module
- Add warning for unknown shell type instead of silent fallback
- Include actual parse error in policy.rs warning messages
Make CLI installers verify Windows asset checksums, route shell hook output to stderr under Warp or TIRITH_OUTPUT=stderr, and add UTF‑8 safe truncation (80 bytes for commands, 20 bytes for env values) via
|
| cmd.to_string() | ||
| } else { | ||
| format!("{}[...redacted {} chars]", &cmd[..80], cmd.len() - 80) | ||
| format!("{}[...redacted {} chars]", prefix, cmd.len() - prefix.len()) |
There was a problem hiding this comment.
🟢 Low
src/audit.rs:100 The message says "redacted X chars" but cmd.len() - prefix.len() counts bytes, not characters. Consider using cmd.chars().count() - prefix.chars().count() or changing "chars" to "bytes".
| format!("{}[...redacted {} chars]", prefix, cmd.len() - prefix.len()) | |
| format!("{}[...redacted {} bytes]", prefix, cmd.len() - prefix.len()) |
🚀 Want me to fix this? Reply ex: "fix it for me".
- Add _tirith_output() helper to zsh, bash, and fish hooks - Auto-detect Warp via TERM_PROGRAM and use stderr instead of /dev/tty - Add TIRITH_OUTPUT=stderr override for manual control - Document Warp workaround in troubleshooting.md
| fn domain_matches(host: &str, pattern: &str) -> bool { | ||
| let host = host.trim_end_matches('.'); | ||
| let pattern = pattern.trim_start_matches("*.").trim_end_matches('.'); | ||
| host == pattern || host.ends_with(&format!(".{pattern}")) |
There was a problem hiding this comment.
🟡 Medium
src/policy.rs:265 This matches subdomains even when the pattern lacks a *. prefix. Consider checking if the original pattern starts with *. before applying ends_with subdomain matching.
| fn domain_matches(host: &str, pattern: &str) -> bool { | |
| let host = host.trim_end_matches('.'); | |
| let pattern = pattern.trim_start_matches("*.").trim_end_matches('.'); | |
| host == pattern || host.ends_with(&format!(".{pattern}")) | |
| fn domain_matches(host: &str, pattern: &str) -> bool { | |
| let host = host.trim_end_matches('.'); | |
| let is_wildcard = pattern.starts_with("*."); | |
| let pattern = pattern.trim_start_matches("*.").trim_end_matches('.'); | |
| host == pattern || (is_wildcard && host.ends_with(&format!(".{pattern}"))) |
🚀 Want me to fix this? Reply ex: "fix it for me".
Summary
evil-github.com)sudo env bashdetection for pipe-to-interpreter rule--name,-e, etc.base-develto makedependsTest plan
cargo fmt --allpassescargo clippy --workspace -- -D warningspassescargo test --workspacepasses (179 tests)sudo env bashdetection