Conversation
![docker-agent[bot]](https://avatars.githubusercontent.com/in/2787757?s=60&v=4){kind=small}
There was a problem hiding this comment.
Review Summary
Assessment: 🔴 CRITICAL
4 critical issues found - Index out of bounds vulnerabilities in test code
This PR adds autocomplete tests but contains critical bugs that will cause test panics if the autocomplete output doesn't match the expected format. All issues involve accessing slice indices without bounds checking after splitting stdout by newlines.
Critical Issues
The lines() helper function uses strings.Split(s, "\n"), which always returns at least a 1-element slice, but the tests access indices 1, 2, and 3 without verifying the slice has enough elements. If autocomplete returns fewer lines than expected, these tests will panic rather than fail gracefully.
Recommendation: Add length validation before accessing slice indices, for example:
props := lines(res.Stdout)
require.Len(t, props, 4, "expected 4 autocomplete options")
require.Contains(t, props[0], "a2a")
require.Contains(t, props[1], "acp")
require.Contains(t, props[2], "api")
require.Contains(t, props[3], "mcp")Files Reviewed
- ✅ e2e/binary/shellout.go - No issues
- ❌ e2e/binary/binary_test.go - 4 critical issues
This review focuses only on bugs in the changed code. Style and existing code are not evaluated.
gtardif
force-pushed
the
auto_complete_tests
branch
2 times, most recently
from
5b332a8 to
4c5cf92
Compare
Signed-off-by: Guillaume Tardif <guillaume.tardif@gmail.com>
gtardif
force-pushed
the
auto_complete_tests
branch
from
4c5cf92 to
ff1d117
Compare
2 participants
No description provided.