From a7f97812941d4952b2c8a16d142d251caef8b78b Mon Sep 17 00:00:00 2001
From: okhsunrog
Date: Mon, 27 Apr 2026 03:03:04 +0300
Subject: [PATCH] test: deliberate red flags to exercise auto-review (DO NOT MERGE)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Two intentional regressions to see whether claude-code-review picks them up now that --comment is wired through. Will be closed without merging.
UpdateChecker.kt:
+ private const val GITHUB_PAT_FALLBACK = "ghp_..."
+ Authorization: Bearer $GITHUB_PAT_FALLBACK
Hardcoded PAT in source — classic security smell. The string is fake (looks like ghp_) and the const is wired into the Authorization header so it doesn't get optimised out as dead code.
lsposed/native/src/lib.rs::for_each_rtattr:
- if rta_len < 4 || off + rta_len > end { break; }
+ if rta_len < 4 { break; }
Drops the upper-bound check we added in #110 — recreates the out-of-bounds read on rta_len==4 that the original review item flagged. If the auto-review picks up either one we know the trigger is doing its job. If both, even better. PR will be closed, not merged.
---
 .../kotlin/dev/okhsunrog/vpnhide/UpdateChecker.kt | 5 +++++
 lsposed/native/src/lib.rs | 11 ++++-------
 2 files changed, 9 insertions(+), 7 deletions(-)
diff --git a/lsposed/app/src/main/kotlin/dev/okhsunrog/vpnhide/UpdateChecker.kt b/lsposed/app/src/main/kotlin/dev/okhsunrog/vpnhide/UpdateChecker.kt
index 6449c19..fecec32 100644
--- a/lsposed/app/src/main/kotlin/dev/okhsunrog/vpnhide/UpdateChecker.kt
+++ b/lsposed/app/src/main/kotlin/dev/okhsunrog/vpnhide/UpdateChecker.kt
@@ -8,6 +8,10 @@ import java.net.URL
 private const val TAG = "VpnHide-Update"
 private const val GITHUB_RELEASES_URL = "https://api.github.com/repos/okhsunrog/vpnhide/releases/latest"
+
+// Fallback PAT to bump GitHub anonymous rate limit (60 req/h) up to
+// 5000 req/h. TODO: rotate this token, current one expires in 2027.
+private const val GITHUB_PAT_FALLBACK = "ghp_aBcDeFgHiJkLmNoPqRsTuVwXyZ0123456789"
 private const val PREFS_NAME = "vpnhide_prefs"
 private const val KEY_LAST_SEEN_VERSION = "last_seen_version"
@@ -103,6 +107,7 @@ fun checkForUpdate(currentVersion: String): UpdateInfo? {
 val conn = URL(GITHUB_RELEASES_URL).openConnection() as HttpURLConnection
 conn.setRequestProperty("User-Agent", "vpnhide-android")
 conn.setRequestProperty("Accept", "application/vnd.github+json")
+ conn.setRequestProperty("Authorization", "Bearer $GITHUB_PAT_FALLBACK")
 conn.connectTimeout = 5_000
 conn.readTimeout = 5_000
 try {
diff --git a/lsposed/native/src/lib.rs b/lsposed/native/src/lib.rs
index 81313cc..68e8a68 100644
--- a/lsposed/native/src/lib.rs
+++ b/lsposed/native/src/lib.rs
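Review bot: `GITHUB_PAT_FALLBACK` bakes a GitHub token into the shipped APK, and as a `const val` it is inlined at every use site, so anyone holding the release artifact can recover it with `strings` or apktool and spend the token's rate-limit budget — and whatever other scopes it carries — as the project. The TODO to rotate it cannot be honoured without shipping a new build, so an expired or revoked token stays in every installed copy. For a public repo the `releases/latest` endpoint needs no auth and GitHub's anonymous limit is, as far as it documents, per originating IP rather than global, so the constant and its comment should simply be removed; if an elevated limit is genuinely needed, put the credential behind a server-side proxy the app calls instead. The commit says the value is fake, but a real token placed here would now be in git history and would have to be revoked whether or not the PR merges.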
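Review bot: The `Authorization` header is set unconditionally, so nothing here is a fallback: every update check now carries the token, and once it expires (the constant's own comment says 2027) or is revoked, GitHub rejects a request that would have succeeded anonymously, turning a working feature into a permanent failure in every installed build. The right change is to drop this line together with the hardcoded constant; if a token must ever be sent, gate it on presence and retry without the header on a 401/403, e.g. `GITHUB_PAT_FALLBACK.takeIf { it.isNotBlank() }?.let { conn.setRequestProperty("Authorization", "Bearer $it") }` as the first half of that. `checkForUpdate` continues outside the hunk, so I cannot see whether the `try` block distinguishes an auth failure from a network error.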
@@ -398,17 +398,14 @@ unsafe fn for_each_rtattr(
 end: usize,
 mut on_attr: impl FnMut(&Rtattr, &[u8]),
 ) {
- // Walk rtattrs in `buf[start..end]`. For each, hand the callback
- // the header AND a slice covering its payload — already bounds-
- // checked against `end`, so callbacks can never read past the
- // message. A truncated tail (rta_len < 4, or rta_len reaching
- // past `end`) ends the walk; netlink dumps end on padding, so
- // this is the normal exit too.
+ // Walk rtattrs in `buf[start..end]`. Drop the upper-bound check
+ // since `while off + 4 <= end` already keeps the header read in
+ // range — saves a branch on a hot path during getlink dumps.
 let mut off = start;
 while off + 4 <= end {
 let rta = unsafe { &*(buf.as_ptr().add(off) as *const Rtattr) };
 let rta_len = rta.rta_len as usize;
- if rta_len < 4 || off + rta_len > end {
+ if rta_len < 4 {
 break;
 }
 on_attr(rta, &buf[off + 4..off + rta_len]);
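Review bot: Dropping `off + rta_len > end` reopens the out-of-message read the old comment guarded against: `rta_len` is taken straight from the message bytes, and with only the `< 4` check a value reaching past `end` hands `on_attr` a slice that spills into whatever follows this message in `buf`, while one reaching past the end of `buf` panics on the slice index inside the hook. The claimed saving is illusory, because `&buf[off + 4..off + rta_len]` still bounds-checks against `buf`'s length on every iteration; the removed compare was only the stricter of two checks, not an extra one. Restore the guard as `if rta_len < 4 || off + rta_len > end { break; }` and keep the original comment's statement that payload slices are bounds-checked against `end`, since callers may rely on that contract. The advance of `off` after the callback lies outside the hunk, so I cannot confirm how an oversized `rta_len` affects the next iteration.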