will/flynn
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(audit): require integer gateway window padding

Browse Source 
Enforce non-negative integer padding_ms/--window-padding-ms across gateway window helper and live baseline capture CLI, with regression coverage for invalid values. Architecture/protocol diagrams reviewed; no updates were needed for this validation-only change.
This commit is contained in:
William Valentin
2026-02-27 13:18:37 -08:00
parent bf79f734f1
commit 0decf34760
4 changed files with 42 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/audit/phase0GatewayWindow.test.ts
+10
View File
@@ -71,4 +71,14 @@ describe('findLatestGatewayCancelWindow', () => {
expect(findLatestGatewayCancelWindow(events)).toBeNull();
});
it('rejects invalid padding values', () => {
const events: AuditEvent[] = [
event(1000, 'run.cancel', { session_id: 's1', source: 'gateway' }),
event(1010, 'run.state', { session_id: 's1', source: 'gateway', state: 'cancelled' }),
];
expect(() => findLatestGatewayCancelWindow(events, { padding_ms: -1 })).toThrow('padding_ms');
expect(() => findLatestGatewayCancelWindow(events, { padding_ms: 1.5 })).toThrow('padding_ms');
});
});
src/audit/phase0GatewayWindow.ts
+17 -4
View File
@@ -36,6 +36,22 @@ function isGatewayEvent(payload: Record<string, unknown>): boolean {
return readString(payload.source) === 'gateway';
}
function normalizePaddingMs(value: number | undefined): number {
if (value === undefined) {
return 0;
}
if (!Number.isFinite(value)) {
throw new Error('padding_ms must be a finite integer greater than or equal to 0.');
}
if (!Number.isInteger(value)) {
throw new Error('padding_ms must be an integer greater than or equal to 0.');
}
if (value < 0) {
throw new Error('padding_ms must be greater than or equal to 0.');
}
return value;
}
export function findLatestGatewayCancelWindow(
events: AuditEvent[],
options: FindGatewayCancelWindowOptions = {},
@@ -104,10 +120,7 @@ export function findLatestGatewayCancelWindow(
return null;
}
const padRaw = options.padding_ms ?? 0;
const paddingMs = Number.isFinite(padRaw) && padRaw > 0
? Math.floor(padRaw)
: 0;
const paddingMs = normalizePaddingMs(options.padding_ms);
return {
session_id: latest.session_id,