github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-08 14:48:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(gateway): avoid unsafe param stringification

Browse Source
This commit is contained in:
Peter Steinberger
2026-02-15 05:49:37 +00:00
parent 2fe16af3cd
commit a457782386
1 changed files with 9 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/gateway/server-methods/agents.ts
View File

@@ -67,12 +67,19 @@ function resolveAgentWorkspaceFileOrRespondError(
name: string; name: string;
} | null { } | null {
const cfg = loadConfig(); const cfg = loadConfig();
const agentId = resolveAgentIdOrError(String(params.agentId ?? ""), cfg); const rawAgentId = params.agentId;
const agentId = resolveAgentIdOrError(
typeof rawAgentId === "string" || typeof rawAgentId === "number" ? String(rawAgentId) : "",
cfg,
);
if (!agentId) { if (!agentId) {
respond(false, undefined, errorShape(ErrorCodes.INVALID_REQUEST, "unknown agent id")); respond(false, undefined, errorShape(ErrorCodes.INVALID_REQUEST, "unknown agent id"));
return null; return null;
} }
const name = String(params.name ?? "").trim(); const rawName = params.name;
const name = (
typeof rawName === "string" || typeof rawName === "number" ? String(rawName) : ""
).trim();
if (!ALLOWED_FILE_NAMES.has(name)) { if (!ALLOWED_FILE_NAMES.has(name)) {
respond(false, undefined, errorShape(ErrorCodes.INVALID_REQUEST, `unsupported file "${name}"`)); respond(false, undefined, errorShape(ErrorCodes.INVALID_REQUEST, `unsupported file "${name}"`));
return null; return null;