⚡ Bolt: Optimize validate_command_args for quoted strings #780
Replaced the O(24*N) loop for quoted strings in `validate_command_args` with an O(N) single-pass check using `str::find` and a comprehensive `DANGEROUS_CHARS` blacklist. This significantly improves performance for valid commands containing quotes (e.g. `sh -c "..."`) while maintaining security. Added a benchmark `bench_validate_command_args` to `benches/module_benchmark.rs` to track performance.

Co-authored-by: dolagoartur <146357947+dolagoartur@users.noreply.github.com>
💡 What: Optimized `validate_command_args` in `src/modules/mod.rs` to use a single-pass `str::find` with a blacklist of dangerous characters, replacing the previous logic that fell back to 24 `contains` checks for any string not in the alphanumeric whitelist (e.g., strings with quotes).

🎯 Why: The previous implementation had a "fast path" only for purely alphanumeric strings. Valid commands often contain quotes (e.g., `git commit -m "msg"`, `sh -c "cmd"`), which caused them to fall into the slow path, iterating over 24 dangerous patterns. This optimization ensures that safe quoted strings are validated in O(N) time instead of O(M*N).

📊 Impact:

🔬 Measurement:

- `bench_validate_command_args` to `benches/module_benchmark.rs` covering safe alphanumeric, safe quoted, and dangerous inputs.
- `cargo test modules::tests::test_validate_command_args` (all passed).

PR created automatically by Jules for task 10196449532070951327 started by @dolagoartur
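A reviewer's check for this kind of change, as an added example that is not the project's code: the single-pass character scan is only as strict as the old pattern loop if every old pattern contains at least one blacklisted character. `OLD_PATTERNS`, `DANGEROUS_CHARS`, `SAMPLES` and all function names below are constructed stand-ins, since the page does not show the project's real pattern list or character set.

```rust
// Constructed stand-ins: the project's real 24 patterns and DANGEROUS_CHARS are not on this page.
const OLD_PATTERNS: &[&str] = &[";", "&&", "||", "|", "$(", "${", "`", ">", "<", "\n"];
const DANGEROUS_CHARS: &[char] = &[';', '&', '|', '$', '`', '>', '<', '\n'];

// Constructed sample arguments: two safe, one dangerous, one where the checks disagree.
const SAMPLES: &[&str] = &["deploy_v2", "git commit -m \"msg\"", "sh -c \"ls; id\"", "echo \"a & b\""];

/// Previous shape: one `contains` scan per pattern, O(M*N).
fn is_dangerous_multi_pass(arg: &str) -> bool {
    OLD_PATTERNS.iter().any(|p| arg.contains(*p))
}

/// New shape: one `str::find` over the argument with a char-set pattern, O(N).
fn is_dangerous_single_pass(arg: &str) -> bool {
    arg.find(DANGEROUS_CHARS).is_some()
}

/// Old patterns that contain no blacklisted character. If this is empty, every
/// argument the old loop rejected is also rejected by the single pass.
fn uncovered_patterns() -> Vec<&'static str> {
    OLD_PATTERNS
        .iter()
        .copied()
        .filter(|p| !is_dangerous_single_pass(p))
        .collect()
}

/// Inputs on which the two checks give different verdicts. With full coverage
/// these can only be cases where the new check is stricter (e.g. a lone `&`).
fn disagreements<'a>(inputs: &[&'a str]) -> Vec<&'a str> {
    inputs
        .iter()
        .copied()
        .filter(|a| is_dangerous_multi_pass(a) != is_dangerous_single_pass(a))
        .collect()
}

fn main() {
    println!("uncovered old patterns: {:?}", uncovered_patterns());
    for arg in SAMPLES {
        let (old, new) = (is_dangerous_multi_pass(arg), is_dangerous_single_pass(arg));
        println!("{arg:?}: multi_pass={old} single_pass={new}");
    }
    println!("verdict changes: {:?}", disagreements(SAMPLES));
}
```

Running the same two functions over the real pattern list in a unit test turns "while maintaining security" into an assertion, and the disagreement list shows which previously accepted arguments the character set now rejects.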