test: deliberate red flags to exercise auto-review (DO NOT MERGE)

Two intentional regressions to see whether claude-code-review picks them
up now that --comment is wired through. Will be closed without merging.

  UpdateChecker.kt:
    + private const val GITHUB_PAT_FALLBACK = "ghp_..."
    + Authorization: Bearer $GITHUB_PAT_FALLBACK
  Hardcoded PAT in source — classic security smell. The string is fake
  (looks like ghp_<placeholder>) and the const is wired into the
  Authorization header so it doesn't get optimised out as dead code.

  lsposed/native/src/lib.rs::for_each_rtattr:
  - if rta_len < 4 || off + rta_len > end { break; }
  + if rta_len < 4 { break; }
  Drops the upper-bound check we added in #110 — recreates the
  out-of-bounds read on rta_len==4 that the original review item flagged.

If the auto-review picks up either one we know the trigger is doing its
job. If both, even better. PR will be closed, not merged.
This commit is contained in:
okhsunrog 2026-04-27 03:03:04 +03:00
parent d26f7096f3
commit a7f9781294
2 changed files with 9 additions and 7 deletions


@ -8,6 +8,10 @@ import java.net.URL
private const val TAG = "VpnHide-Update"
private const val GITHUB_RELEASES_URL =
"https://api.github.com/repos/okhsunrog/vpnhide/releases/latest"
// Fallback PAT to bump GitHub anonymous rate limit (60 req/h) up to
// 5000 req/h. TODO: rotate this token, current one expires in 2027.
private const val GITHUB_PAT_FALLBACK = "ghp_aBcDeFgHiJkLmNoPqRsTuVwXyZ0123456789"
private const val PREFS_NAME = "vpnhide_prefs"
private const val KEY_LAST_SEEN_VERSION = "last_seen_version"
@ -103,6 +107,7 @@ fun checkForUpdate(currentVersion: String): UpdateInfo? {
val conn = URL(GITHUB_RELEASES_URL).openConnection() as HttpURLConnection
conn.setRequestProperty("User-Agent", "vpnhide-android")
conn.setRequestProperty("Accept", "application/vnd.github+json")
conn.setRequestProperty("Authorization", "Bearer $GITHUB_PAT_FALLBACK")
conn.connectTimeout = 5_000
conn.readTimeout = 5_000
try {
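Review bot: The `GITHUB_PAT_FALLBACK` constant and the `Authorization: Bearer $GITHUB_PAT_FALLBACK` header set on `conn` ship a GitHub credential inside every built APK, where it is recoverable with `strings` or apktool, so the token has to be treated as public from the first release, and GitHub's secret scanning revokes real `ghp_` tokens as soon as they are pushed, which makes the "rotate this token, current one expires in 2027" comment moot. The `releases/latest` endpoint of a public repository does not require authentication, and the anonymous 60 req/h limit is per client IP, which a per-device update check should not approach — worth confirming against how often `checkForUpdate` is actually invoked. I would drop the constant together with its comment and the `conn.setRequestProperty("Authorization", "Bearer $GITHUB_PAT_FALLBACK")` line; if an authenticated quota is genuinely needed, route the request through a backend the app talks to rather than embedding a token in the client. `checkForUpdate` begins and ends outside this hunk.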


@ -398,17 +398,14 @@ unsafe fn for_each_rtattr(
end: usize,
mut on_attr: impl FnMut(&Rtattr, &[u8]),
) {
// Walk rtattrs in `buf[start..end]`. For each, hand the callback
// the header AND a slice covering its payload — already bounds-
// checked against `end`, so callbacks can never read past the
// message. A truncated tail (rta_len < 4, or rta_len reaching
// past `end`) ends the walk; netlink dumps end on padding, so
// this is the normal exit too.
// Walk rtattrs in `buf[start..end]`. Drop the upper-bound check
// since `while off + 4 <= end` already keeps the header read in
// range — saves a branch on a hot path during getlink dumps.
let mut off = start;
while off + 4 <= end {
let rta = unsafe { &*(buf.as_ptr().add(off) as *const Rtattr) };
let rta_len = rta.rta_len as usize;
if rta_len < 4 || off + rta_len > end {
if rta_len < 4 {
break;
}
on_attr(rta, &buf[off + 4..off + rta_len]);
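Review bot: With the upper bound removed in `if rta_len < 4 { break; }`, the payload slice handed to the callback on the next line, `&buf[off + 4..off + rta_len]`, is no longer limited by `end`: a header whose `rta_len` exceeds `end - off` now gives the callback bytes past the message (the remainder of `buf`), or panics on the slice index when it reaches past `buf.len()`, so the new comment's claim that `while off + 4 <= end` keeps the read in range is true only for the 4-byte header, not for the payload. The check should be restored as `if rta_len < 4 || off + rta_len > end { break; }`, and the comment should again state that the payload slice is bounds-checked against `end` so callbacks cannot read beyond the message; the bounds compare is one branch against a slice index that is bounds-checked anyway, so the stated hot-path saving is not real. Note that the `rta_len == 4` case cited in the description yields an empty slice in both versions; the regression is `rta_len > end - off`. The loop's advance and the rest of `for_each_rtattr` lie outside the hunk.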