fix: високо и средно приоритетни бъгове в query, protocol, storage, vector, fts

Поправени проблеми:
- Wire protocol: bounds checking, max length limits, recursion depth limit
- SQL injection: escape-ване на quotes в exprToSql string literals
- ReDoS: escape-ване на regex metachars в LIKE/ILIKE
- Stale BTree indexes: добавен BTree.remove() + изтриване при UPDATE/DELETE
- SSL: quoteShell за всички shell команди с пътища
- Boolean literals: parser вече разпознава tkTrue/tkFalse
- Unary minus: lowerExpr map-ва ukNeg към irNeg (вместо irNot)
- Non-aggregate UDFs: lowerExpr създава irekFuncCall вместо NULL literal
- UTF-8 FTS: tokenize използва runes вместо байтове
- HNSW: добавен Lock за thread-safe insert/search

292 теста, 0 failure-а.
This commit is contained in:
2026-05-12 23:02:54 +03:00
parent 131541a0e5
commit 6aaabb518d
8 changed files with 144 additions and 29 deletions
+6 -6
View File
@@ -79,8 +79,8 @@ proc generateSelfSignedCert*(outputDir: string, commonName: string = "localhost"
let certPath = outputDir / (commonName & ".crt")
let keyPath = outputDir / (commonName & ".key")
createDir(outputDir)
let cmd = "openssl req -x509 -newkey rsa:2048 -keyout " & keyPath &
" -out " & certPath & " -days 365 -nodes -subj '/CN=" & commonName & "' 2>/dev/null"
let cmd = "openssl req -x509 -newkey rsa:2048 -keyout " & quoteShell(keyPath) &
" -out " & quoteShell(certPath) & " -days 365 -nodes -subj " & quoteShell("/CN=" & commonName) & " 2>/dev/null"
if execShellCmd(cmd) == 0 and fileExists(certPath):
return (certPath, keyPath)
return ("", "")
@@ -88,7 +88,7 @@ proc generateSelfSignedCert*(outputDir: string, commonName: string = "localhost"
proc certificateFingerprint*(certPath: string): string =
if not fileExists(certPath):
return ""
let cmd = "openssl x509 -in " & certPath & " -fingerprint -noout 2>/dev/null"
let cmd = "openssl x509 -in " & quoteShell(certPath) & " -fingerprint -noout 2>/dev/null"
let (output, _) = execCmdEx(cmd)
for line in output.splitLines():
if "Fingerprint=" in line:
@@ -100,17 +100,17 @@ proc certificateFingerprint*(certPath: string): string =
proc isExpired*(certPath: string): bool =
if not fileExists(certPath):
return true
let cmd = "openssl x509 -in " & certPath & " -checkend 0 2>/dev/null"
let cmd = "openssl x509 -in " & quoteShell(certPath) & " -checkend 0 2>/dev/null"
return execShellCmd(cmd) != 0
proc daysUntilExpiry*(certPath: string): int =
if not fileExists(certPath):
return -1
# Check if expires within 1 day
let cmd1 = "openssl x509 -in " & certPath & " -checkend 86400 2>/dev/null"
let cmd1 = "openssl x509 -in " & quoteShell(certPath) & " -checkend 86400 2>/dev/null"
if execShellCmd(cmd1) == 0:
# Check if expires within 30 days
let cmd30 = "openssl x509 -in " & certPath & " -checkend 2592000 2>/dev/null"
let cmd30 = "openssl x509 -in " & quoteShell(certPath) & " -checkend 2592000 2>/dev/null"
if execShellCmd(cmd30) == 0:
return 365
return 30