vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-06 12:30:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: sanitize mcp transport warning fields

Browse Source
This commit is contained in:
Peter Steinberger
2026-04-21 08:06:54 +01:00
parent fccb2b8ace
commit 9f054ee05b
2 changed files with 18 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
src/agents/mcp-transport-config.test.ts
View File

@@ -83,6 +83,19 @@ describe("resolveMcpTransportConfig", () => {
});
});
it("sanitizes config-controlled names in stdio env warnings", () => {
resolveMcpTransportConfig("probe\nWARN forged\u001b[31m", {
command: "node",
env: {
"LD_PRELOAD\nWARN forged\u001b[31m": "/tmp/pwn.so",
},
});
expect(logWarn).toHaveBeenCalledWith(
'bundle-mcp: server "probeWARN forged": env "LD_PRELOADWARN forged" is blocked for stdio startup safety and was ignored.',
);
});
it("resolves SSE config by default", () => {
const resolved = resolveMcpTransportConfig("probe", {
url: "https://mcp.example.com/sse",

8
src/agents/mcp-transport-config.ts
View File

@@ -1,5 +1,6 @@
import { logWarn } from "../logger.js";
import { normalizeLowercaseStringOrEmpty } from "../shared/string-coerce.js";
import { sanitizeForLog } from "../terminal/ansi.js";
import {
describeHttpMcpServerLaunchConfig,
resolveHttpMcpServerLaunchConfig,
@@ -95,11 +96,12 @@ export function resolveMcpTransportConfig(
serverName: string,
rawServer: unknown,
): ResolvedMcpTransportConfig | null {
const logServerName = sanitizeForLog(serverName);
const requestedTransport = getRequestedTransport(rawServer);
const stdioLaunch = resolveStdioMcpServerLaunchConfig(rawServer, {
onDroppedEnv: (key) => {
logWarn(
`bundle-mcp: server "${serverName}": env "${key}" is blocked for stdio startup safety and was ignored.`,
`bundle-mcp: server "${logServerName}": env "${sanitizeForLog(key)}" is blocked for stdio startup safety and was ignored.`,
);
},
});
@@ -122,7 +124,7 @@ export function resolveMcpTransportConfig(
requestedTransport !== "streamable-http"
) {
logWarn(
`bundle-mcp: skipped server "${serverName}" because transport "${requestedTransport}" is not supported.`,
`bundle-mcp: skipped server "${logServerName}" because transport "${sanitizeForLog(requestedTransport)}" is not supported.`,
);
return null;
}
@@ -142,7 +144,7 @@ export function resolveMcpTransportConfig(
const httpLaunch = resolveHttpMcpServerLaunchConfig(rawServer);
const httpReason = httpLaunch.ok ? "not an HTTP MCP server" : httpLaunch.reason;
logWarn(
`bundle-mcp: skipped server "${serverName}" because ${stdioLaunch.reason} and ${httpReason}.`,
`bundle-mcp: skipped server "${logServerName}" because ${stdioLaunch.reason} and ${httpReason}.`,
);
return null;
}