jason/mempalace
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: sanitize error responses and remove sys.exit from library code

Browse Source 
- Remove palace_path from _no_palace() error response (prevents
  leaking filesystem paths to the LLM)
- Replace str(e) with generic 'Internal tool error' in MCP dispatch
  catch block (full error is still logged server-side via stderr)
- Replace sys.exit(1) with return in searcher.search() CLI function
  (prevents process termination if called from library context)
- Remove unused sys import from searcher.py

Findings: #12 (HIGH), #5 (MEDIUM), #15 (LOW)

Includes test infrastructure from PR #131.
92 tests pass.
This commit is contained in:
Igor Lins e Silva
2026-04-07 17:25:47 -03:00
parent 68e3414ed5
commit c9135aad67
2 changed files with 4 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
mempalace/mcp_server.py
+1 -2
View File
@@ -53,7 +53,6 @@ def _get_collection(create=False):
def _no_palace(): def _no_palace():
return { return {
"error": "No palace found", "error": "No palace found",
"palace_path": _config.palace_path,
"hint": "Run: mempalace init <dir> && mempalace mine <dir>", "hint": "Run: mempalace init <dir> && mempalace mine <dir>",
} }
@@ -746,7 +745,7 @@ def handle_request(request):
} }
except Exception as e: except Exception as e:
logger.error(f"Tool error in {tool_name}: {e}") logger.error(f"Tool error in {tool_name}: {e}")
return {"jsonrpc": "2.0", "id": req_id, "error": {"code": -32000, "message": str(e)}} return {"jsonrpc": "2.0", "id": req_id, "error": {"code": -32000, "message": "Internal tool error"}}
return { return {
"jsonrpc": "2.0", "jsonrpc": "2.0",
mempalace/searcher.py
+3 -3
View File
@@ -6,7 +6,7 @@ Semantic search against the palace.
Returns verbatim text — the actual words, never summaries. Returns verbatim text — the actual words, never summaries.
""" """
import sys
from pathlib import Path from pathlib import Path
import chromadb import chromadb
@@ -23,7 +23,7 @@ def search(query: str, palace_path: str, wing: str = None, room: str = None, n_r
except Exception: except Exception:
print(f"\n No palace found at {palace_path}") print(f"\n No palace found at {palace_path}")
print(" Run: mempalace init <dir> then mempalace mine <dir>") print(" Run: mempalace init <dir> then mempalace mine <dir>")
sys.exit(1) return
# Build where filter # Build where filter
where = {} where = {}
@@ -47,7 +47,7 @@ def search(query: str, palace_path: str, wing: str = None, room: str = None, n_r
except Exception as e: except Exception as e:
print(f"\n Search error: {e}") print(f"\n Search error: {e}")
sys.exit(1) return
docs = results["documents"][0] docs = results["documents"][0]
metas = results["metadatas"][0] metas = results["metadatas"][0]