From 3c6482a9cd51dbfe03433b7db5cbcceb463b444c Mon Sep 17 00:00:00 2001 From: Sewer56 Date: Fri, 27 Feb 2026 21:23:29 +0000 Subject: [PATCH] Fixed: Reject overflowing Content-Length in webfetch Fail fast on 32-bit overflow in blocking and tokio paths. --- .../src/tools/webfetch/blocking_impl.rs | 12 +++++++++++- .../src/tools/webfetch/tokio_impl.rs | 10 +++++++++- 2 files changed, 20 insertions(+), 2 deletions(-) diff --git a/src/llm-coding-tools-core/src/tools/webfetch/blocking_impl.rs b/src/llm-coding-tools-core/src/tools/webfetch/blocking_impl.rs index e2662963..843d26fc 100644 --- a/src/llm-coding-tools-core/src/tools/webfetch/blocking_impl.rs +++ b/src/llm-coding-tools-core/src/tools/webfetch/blocking_impl.rs @@ -35,7 +35,17 @@ pub fn fetch_url( .to_string(); // Check Content-Length header if available for early rejection and preallocation - let content_length = response.content_length().map(|len| len as usize); + let content_length = response + .content_length() + .map(|len| { + usize::try_from(len).map_err(|_| { + ToolError::Http(format!( + "Content-Length {} exceeds platform limits for {}", + len, url + )) + }) + }) + .transpose()?; if let Some(len) = content_length { check_size(len, url)?; } diff --git a/src/llm-coding-tools-core/src/tools/webfetch/tokio_impl.rs b/src/llm-coding-tools-core/src/tools/webfetch/tokio_impl.rs index 750a4f60..f501fd7d 100644 --- a/src/llm-coding-tools-core/src/tools/webfetch/tokio_impl.rs +++ b/src/llm-coding-tools-core/src/tools/webfetch/tokio_impl.rs @@ -36,7 +36,15 @@ pub async fn fetch_url( // Check Content-Length header if available for early rejection and preallocation let content_length = response .content_length() - .and_then(|len| usize::try_from(len).ok()); + .map(|len| { + usize::try_from(len).map_err(|_| { + ToolError::Http(format!( + "Content-Length {} exceeds platform limits for {}", + len, url + )) + }) + }) + .transpose()?; if let Some(len) = content_length { check_size(len, url)?; }