fix(resume): use char-aware string truncation for UTF-8 safety #33
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Greptile OverviewGreptile SummaryFixed critical UTF-8 safety bugs that caused panics when slicing multi-byte characters. Replaced unsafe byte-based string slicing with char-aware methods across three files:
All changes maintain original functionality while preventing runtime panics on multi-byte UTF-8 input (emoji, CJK characters, etc.). Comprehensive unit tests added for UTF-8 edge cases. Confidence Score: 5/5
|
| Filename | Overview |
|---|---|
| src/cortex-resume/src/resume_picker.rs | Fixed UTF-8 panic in truncate_string by using char-based iteration instead of byte slicing, with comprehensive tests |
| src/cortex-cli/src/utils/notification.rs | Replaced byte-based string slicing with char-aware boundary detection for session ID truncation |
| src/cortex-cli/src/import_cmd.rs | Added safe slicing with .get() to prevent panics when extracting base64 data from message content |
Sequence Diagram
sequenceDiagram
participant User
participant ResumePicker as Resume Picker UI
participant Notification as Notification System
participant ImportCmd as Import Command
participant TruncateString as truncate_string()
participant SafeSlicing as Safe UTF-8 Slicing
Note over ResumePicker,SafeSlicing: String Truncation Flow (resume_picker.rs)
User->>ResumePicker: Display session with path/title
ResumePicker->>TruncateString: truncate_string(text, width)
TruncateString->>TruncateString: Count chars (not bytes)
alt char_count <= width
TruncateString-->>ResumePicker: Return original string
else width > 3
TruncateString->>TruncateString: Take (width-3) chars safely
TruncateString-->>ResumePicker: Return truncated + "..."
else
TruncateString->>TruncateString: Take width chars
TruncateString-->>ResumePicker: Return truncated string
end
ResumePicker-->>User: Display safe truncated text
Note over Notification,SafeSlicing: Session ID Truncation (notification.rs)
User->>Notification: Task completes (session_id)
Notification->>SafeSlicing: Truncate session_id to 8 chars
SafeSlicing->>SafeSlicing: char_indices().take_while(idx < 8)
SafeSlicing->>SafeSlicing: Find last valid char boundary
SafeSlicing->>SafeSlicing: Use .get(..end) for safe slice
SafeSlicing-->>Notification: Return safe truncated ID
Notification-->>User: Show desktop notification
Note over ImportCmd,SafeSlicing: Base64 Extraction (import_cmd.rs)
User->>ImportCmd: Import messages with embedded images
ImportCmd->>ImportCmd: Find "data:image/" pattern
ImportCmd->>SafeSlicing: Slice at data_uri_start with .get()
alt Valid byte boundary
SafeSlicing-->>ImportCmd: Return Some(slice)
ImportCmd->>SafeSlicing: Slice at base64_start with .get()
alt Valid byte boundary
SafeSlicing-->>ImportCmd: Return Some(base64_data)
ImportCmd->>ImportCmd: Validate base64 encoding
else Invalid boundary
SafeSlicing-->>ImportCmd: Return None
ImportCmd->>ImportCmd: Skip (continue)
end
else Invalid boundary
SafeSlicing-->>ImportCmd: Return None
ImportCmd->>ImportCmd: Skip message (continue)
end
ImportCmd-->>User: Safe import without panics
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
echobt
added a commit
that referenced
this pull request
Feb 4, 2026
This PR consolidates the following UTF-8 safety fixes: - #31: Use safe UTF-8 slicing in import command base64 extraction - #32: Use safe UTF-8 slicing for session IDs in notifications - #33: Use char-aware string truncation for UTF-8 safety in resume - #35: Use safe UTF-8 slicing for session IDs in lock command - #37: Validate UTF-8 boundaries in mention parsing All changes ensure safe string operations that respect UTF-8 boundaries: - Replaced direct byte slicing with char-aware methods - Added floor_char_boundary checks before slicing - Prevents panics from slicing multi-byte characters
Contributor
Author
|
Consolidated into #70 - fix: consolidated UTF-8 safety improvements for string slicing |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Fixes #5288 - Path truncation panics on multi-byte UTF-8.
Problem
String truncation used byte-based slicing that panics on multi-byte characters.
Solution
Use char-based iteration for safe truncation.