fix: harden input bounds, clamp confidence, deduplicate helpers

pszymkowiak · pszymkowiak · commit faa36514392c · 2026-03-17T16:48:34.000+01:00
- Clamp confidence_bar to prevent negative float → usize wrap (security)
- Add store-level limit bounds: search_hybrid/search_by_keywords cap at 1000
- Cap keywords array to 50 in search_by_keywords to prevent SQL explosion
- Replace 4 inline embed_text format strings with Memory::embed_text()
- Extract parse_keywords, topic_matches, keyword_matches helpers in MCP
diff --git a/crates/icm-cli/src/main.rs b/crates/icm-cli/src/main.rs
@@ -899,8 +899,7 @@ fn cmd_store(
 
     // Auto-embed if embedder is available
     if let Some(emb) = embedder {
-        let text = format!("{topic} {content}");
-        match emb.embed(&text) {
+        match emb.embed(&memory.embed_text()) {
             Ok(vec) => memory.embedding = Some(vec),
             Err(e) => eprintln!("warning: embedding failed: {e}"),
         }
@@ -1041,8 +1040,7 @@ fn cmd_update(
 
     // Re-embed if embedder available
     if let Some(emb) = embedder {
-        let text = format!("{} {}", memory.topic, content);
-        match emb.embed(&text) {
+        match emb.embed(&memory.embed_text()) {
             Ok(vec) => memory.embedding = Some(vec),
             Err(e) => eprintln!("warning: re-embedding failed: {e}"),
         }
diff --git a/crates/icm-core/src/memoir.rs b/crates/icm-core/src/memoir.rs
@@ -113,8 +113,9 @@ impl Concept {
     }
 
     pub fn confidence_bar(&self) -> String {
-        let filled = (self.confidence * 5.0).round() as usize;
-        let empty = 5 - filled.min(5);
+        let clamped = self.confidence.clamp(0.0, 1.0);
+        let filled = (clamped * 5.0).round() as usize;
+        let empty = 5 - filled;
         format!("{}{}", "#".repeat(filled), ".".repeat(empty))
     }
 
diff --git a/crates/icm-mcp/src/tools.rs b/crates/icm-mcp/src/tools.rs
@@ -12,6 +12,28 @@ use crate::protocol::ToolResult;
 /// Default threshold for auto-consolidation (can be overridden by config).
 const AUTO_CONSOLIDATE_THRESHOLD: usize = 10;
 
+/// Parse a JSON keywords array from tool arguments.
+fn parse_keywords(args: &Value) -> Vec<String> {
+    args.get("keywords")
+        .and_then(|v| v.as_array())
+        .map(|arr| {
+            arr.iter()
+                .filter_map(|v| v.as_str().map(String::from))
+                .collect()
+        })
+        .unwrap_or_default()
+}
+
+/// Check if a memory topic matches a filter (exact or prefix match).
+fn topic_matches(memory_topic: &str, filter: &str) -> bool {
+    memory_topic == filter || memory_topic.starts_with(&format!("{filter}:"))
+}
+
+/// Check if memory keywords contain a substring match.
+fn keyword_matches(keywords: &[String], filter: &str) -> bool {
+    keywords.iter().any(|k| k.contains(filter))
+}
+
 /// Try to auto-consolidate a topic if it exceeds the threshold.
 /// Returns a human-readable message if consolidation happened, or empty string.
 fn try_auto_consolidate(store: &SqliteStore, topic: &str, threshold: usize) -> String {
@@ -587,19 +609,17 @@ fn tool_store(
 
     let mut memory = Memory::new(topic.into(), content.into(), importance);
 
-    if let Some(keywords) = args.get("keywords").and_then(|v| v.as_array()) {
-        memory.keywords = keywords
-            .iter()
-            .filter_map(|v| v.as_str().map(String::from))
-            .collect();
+    let kw = parse_keywords(args);
+    if !kw.is_empty() {
+        memory.keywords = kw;
     }
 
     if let Some(raw) = get_str(args, "raw_excerpt") {
         memory.raw_excerpt = Some(raw.into());
     }
 
     // Auto-embed if embedder is available
-    let embed_text = format!("{topic} {content}");
+    let embed_text = memory.embed_text();
     let embed_vec = if let Some(emb) = embedder {
         match emb.embed(&embed_text) {
             Ok(vec) => Some(vec),
@@ -629,11 +649,9 @@ fn tool_store(
                     if let Some(raw) = get_str(args, "raw_excerpt") {
                         updated.raw_excerpt = Some(raw.into());
                     }
-                    if let Some(keywords_arr) = args.get("keywords").and_then(|v| v.as_array()) {
-                        updated.keywords = keywords_arr
-                            .iter()
-                            .filter_map(|v| v.as_str().map(String::from))
-                            .collect();
+                    let kw = parse_keywords(args);
+                    if !kw.is_empty() {
+                        updated.keywords = kw;
                     }
                     updated.importance = importance;
                     updated.embedding = Some(query_emb.clone());
@@ -744,11 +762,10 @@ fn tool_recall(
             if let Ok(results) = store.search_hybrid(query, &query_emb, limit) {
                 let mut scored_results = results;
                 if let Some(t) = topic {
-                    scored_results
-                        .retain(|(m, _)| m.topic == t || m.topic.starts_with(&format!("{t}:")));
+                    scored_results.retain(|(m, _)| topic_matches(&m.topic, t));
                 }
                 if let Some(kw) = keyword {
-                    scored_results.retain(|(m, _)| m.keywords.iter().any(|k| k.contains(kw)));
+                    scored_results.retain(|(m, _)| keyword_matches(&m.keywords, kw));
                 }
 
                 // Batch update access counts
@@ -779,10 +796,10 @@ fn tool_recall(
     }
 
     if let Some(t) = topic {
-        results.retain(|m| m.topic == t || m.topic.starts_with(&format!("{t}:")));
+        results.retain(|m| topic_matches(&m.topic, t));
     }
     if let Some(kw) = keyword {
-        results.retain(|m| m.keywords.iter().any(|k| k.contains(kw)));
+        results.retain(|m| keyword_matches(&m.keywords, kw));
     }
 
     // Batch update access counts
@@ -918,17 +935,14 @@ fn tool_update(store: &SqliteStore, embedder: Option<&dyn Embedder>, args: &Valu
         }
     }
 
-    if let Some(keywords_arr) = args.get("keywords").and_then(|v| v.as_array()) {
-        memory.keywords = keywords_arr
-            .iter()
-            .filter_map(|v| v.as_str().map(String::from))
-            .collect();
+    let kw = parse_keywords(args);
+    if !kw.is_empty() {
+        memory.keywords = kw;
     }
 
     // Re-embed if embedder available
     if let Some(emb) = embedder {
-        let text = format!("{} {}", memory.topic, content);
-        if let Ok(vec) = emb.embed(&text) {
+        if let Ok(vec) = emb.embed(&memory.embed_text()) {
             memory.embedding = Some(vec);
         }
     }
diff --git a/crates/icm-store/src/store.rs b/crates/icm-store/src/store.rs
@@ -378,6 +378,10 @@ impl MemoryStore for SqliteStore {
             return Ok(Vec::new());
         }
 
+        // Cap keywords to avoid massive SQL generation
+        let keywords = &keywords[..keywords.len().min(50)];
+        let limit = limit.min(1000);
+
         let where_parts: Vec<String> = (0..keywords.len())
             .map(|i| {
                 let p = i + 1;
@@ -500,6 +504,7 @@ impl MemoryStore for SqliteStore {
         embedding: &[f32],
         limit: usize,
     ) -> IcmResult<Vec<(Memory, f32)>> {
+        let limit = limit.min(1000);
         let pool_size = limit * 4;
         let sanitized = sanitize_fts_query(query);
 

Original file line number	Diff line number	Diff line change
`@@ -113,8 +113,9 @@ impl Concept {`
`113`	`113`	`}`
`114`	`114`
`115`	`115`	`pub fn confidence_bar(&self) -> String {`
`116`		`- let filled = (self.confidence * 5.0).round() as usize;`
`117`		`- let empty = 5 - filled.min(5);`
	`116`	`+ let clamped = self.confidence.clamp(0.0, 1.0);`
	`117`	`+ let filled = (clamped * 5.0).round() as usize;`
	`118`	`+ let empty = 5 - filled;`
`118`	`119`	`format!("{}{}", "#".repeat(filled), ".".repeat(empty))`
`119`	`120`	`}`
`120`	`121`