fix: security vulnerabilities (#1980)

* fix: security vulnerabilities Tested that all functions related to the touched files work will test sqlite on a CI build * fix failing test * ai feedback * add buffer size checking * use c_str * dont log session key * Try this for a mac definition * be quiet apple
2026-06-10 08:44:20 +00:00 · 2026-06-07 20:59:11 -07:00
parent f6c9a27a2b
commit a156a8fcba
109 changed files with 806 additions and 514 deletions
--- a/dCommon/GeneralUtils.cpp
+++ b/dCommon/GeneralUtils.cpp
@@ -308,8 +308,9 @@ std::vector<std::string> GeneralUtils::GetSqlFileNamesFromFolder(const std::stri
 	for (const auto& t : std::filesystem::directory_iterator(folder)) {
 		if (t.is_directory() || t.is_symlink()) continue;
 		auto filename = t.path().filename().string();
-		const auto index = std::stoi(GeneralUtils::SplitString(filename, '_').at(0));
-		filenames.emplace(index, std::move(filename));
+		// Ensure the file has a name in the format of xxxxxxxx_anything_goes_here.sql
+		const auto migrationNumber = TryParse<uint32_t>(GeneralUtils::SplitString(filename, '_').at(0));
+		if (migrationNumber.has_value()) filenames.emplace(migrationNumber.value(), std::move(filename));
 	}

 	// Now sort the map by the oldest migration.