Problem
Finding C1: DateParseError.description can reflect input of arbitrary length
From verification of #5, #6 by security reviewer:
"Can reflect input of arbitrary length → recommend truncating to 128 chars to prevent response-size amplification"
Although the MCP JSON response uses newline-delimited framing, so a long input cannot cause injection, a caller that sends a 1MB string makes the errorResult body 1MB as well; a minor concern on the amplification side.
Finding C2: missing since_date > until_date semantic check
From verification of #5, #6 by security reviewer:
"Missing since_date > until_date semantic check: a functional-correctness problem, not a security one"
A user passing since_date: "2026-12-31", until_date: "2026-01-01" currently gets an empty array back silently (the filter excludes everything), with no error message.
Type
enhancement
Expected
- DateParseError shows the input truncated to 128 chars ("abc..." with an ellipsis marker)
- In the handler layer, add: if since > until → errorResult("since_date must be earlier than until_date")
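As an added illustration (not code from the CheTelegramAllMCPCore repository), the two hardening steps above side by side: a capped error description so a huge argument cannot inflate the error body, and a nil-tolerant since/until range check. The type and function names (DateParseError cases, parseDate, validateDateRange) and the "invalid date:" wording are assumptions.

```swift
import Foundation

// Hypothetical stand-ins for the project's types; names are assumptions, not CheTelegramAllMCPCore code.
enum DateParseError: Error, CustomStringConvertible {
    case invalidFormat(input: String)
    case rangeInverted(since: String, until: String)
    // Cap reflected input so a 1 MB argument cannot produce a 1 MB error body.
    static let maxReflected = 128
    static let marker = "...(truncated)"

    static func truncate(_ s: String) -> String {
        guard s.count > maxReflected else { return s }
        return String(s.prefix(maxReflected)) + marker
    }

    var description: String {
        switch self {
        case .invalidFormat(let input):
            return "invalid date: \(DateParseError.truncate(input))"
        case .rangeInverted:
            return "since_date must be earlier than until_date"
        }
    }
}

// Parse "YYYY-MM-DD" in UTC; any other shape is an invalidFormat error carrying the (capped) input.
func parseDate(_ raw: String) throws -> Date {
    let fmt = DateFormatter()
    fmt.locale = Locale(identifier: "en_US_POSIX")
    fmt.timeZone = TimeZone(identifier: "UTC")
    fmt.dateFormat = "yyyy-MM-dd"
    guard raw.count == 10, let d = fmt.date(from: raw) else {
        throw DateParseError.invalidFormat(input: raw)
    }
    return d
}

// nil-tolerant: either bound may be absent; only an inverted pair (since > until) is rejected.
func validateDateRange(_ since: String?, _ until: String?) throws {
    guard let s = since, let u = until else { return }
    if try parseDate(s) > parseDate(u) {
        throw DateParseError.rangeInverted(since: s, until: u)
    }
}

// Constructed inputs: a 1 MB junk argument and an inverted range.
let huge = String(repeating: "x", count: 1_000_000)
do { _ = try parseDate(huge) } catch { print(error) }  // 128 x's plus the marker, not 1 MB
do { try validateDateRange("2026-12-31", "2026-01-01") } catch { print(error) }
```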
Code Reference
Sources/CheTelegramAllMCPCore/DateParsing.swift:5-12 (truncate)
Sources/CheTelegramAllMCPCore/Server.swift:358-361, 488-491 (sanity check)
Related: #5, #6
Implementation history
- 2026-04-27: C1 truncate at 128 chars + marker (commit e7a9515)
- 2026-04-27: C2 added validateDateRange(_:_:) shared helper + 5 tests (commit d58f6b2)
- 2026-04-27: validation moved to parser layer (HandlerArgs) not handler layer (Server)
- 2026-04-27: verify-DA F2/F3 in-scope fix (commit 67451ef) — extended truncation to all errorResultFromParse messages + CHANGELOG precedence note
Current Status
Phase: closed
Last updated: 2026-04-27 by idd-close
Key Decisions
- "...(truncated)" marker
- validateDateRange(_:_:) module-level helper (echoing the DRY pattern of #15-C1 "Test hardening: int64 helper DRY + boundary + TZ assertions" and #13 "Refactor dump_chat_to_markdown handler to use parseGetChatHistoryArgs pattern"), nil-tolerant
Scope Changes
- F2 in-scope fix expanded protection to all error message paths
- F3 in-scope fix documented behavior change
Blocking
(none)
Test counts
- Batch total: 163 → 180 (+17)
- +4 truncation, +5 since/until, +6 HandlerGlueTests, +2 verify-DA F2 cap
Commits
- e7a9515: ASCII arrow + DateParseError input truncate (#9 B1 "Improve stderr log format: ASCII arrow + DateParseError internal visibility", #10 C1 "Input hardening: DateParseError input truncate + since/until range sanity check")
- d58f6b2: validate since_date <= until_date in both parsers (#10 C2 "Input hardening: DateParseError input truncate + since/until range sanity check")
- 67451ef: cap errorResultFromParse messages + document precedence change (#14 "Test: handler glue integration (errorResult conversion + tdlib wiring)", verify DA F2+F3)
Follow-up (verify-DA)