2026 01 01 qegl a79ac #16
…inst channel numbers, improving fallback handling for incorrect logo paths. Added detailed logging for channel definitions and stream processing in HDHomeRun API to aid debugging and traceability.
…, implement old icon cleanup, and enhance streaming with pre-warming for faster client response. Update logging for better traceability and error handling in streaming processes.
| # If there's an old icon file using database ID, remove it | ||
| old_icon_filename = f"channel_{channel_id}.png" | ||
| old_icon_path = icons_dir / old_icon_filename | ||
| if old_icon_path.exists() and old_icon_path != icon_path: |
Check failure
Code scanning / CodeQL
Uncontrolled data used in path expression High
user-provided value
Copilot Autofix
AI 10 days ago
Copilot could not generate an autofix suggestion for this alert. Try pushing a new commit or if the problem persists contact support.
| old_icon_path = icons_dir / old_icon_filename | ||
| if old_icon_path.exists() and old_icon_path != icon_path: | ||
| try: | ||
| old_icon_path.unlink() |
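Review bot: old_icon_path.unlink() runs after only a lexical comparison, old_icon_path != icon_path, with no check that the file still lies inside icons_dir once symlinks are resolved. Resolve both paths and confirm the old path's parent is the resolved icons_dir before deleting. The exists() test followed by unlink() also leaves a window in which the file can disappear; unlink(missing_ok=True) (Python 3.8+) or catching FileNotFoundError covers that, and the except clause for this try is not visible here, so it is worth confirming it does not swallow unrelated errors silently.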
Check failure
Code scanning / CodeQL
Uncontrolled data used in path expression High
user-provided value
Copilot Autofix
AI 10 days ago
General fix approach: Ensure that any value derived from user input and used in a filesystem path is validated or constrained so it cannot cause access outside the intended directory or unexpected file operations. Typical strategies are to validate/normalize paths or to strictly validate identifiers used inside filenames.
Best fix here without changing behavior: The only tainted piece is channel_id, which is already documented and used as an integer primary key. In FastAPI, an untyped path parameter could be any string, but here the parameter is annotated as int. To make this explicit and satisfy both security and the analyzer, we can add a small runtime validation at the top of upload_channel_icon to ensure channel_id is a positive integer. This prevents odd or negative values from being used in filenames, tightly constrains the space of possible filenames to channel_<positive-int>.png, and does not alter normal behavior for valid requests. We keep all path construction logic the same.
Concrete changes (all in streamtv/api/channels.py):
- In upload_channel_icon, right after the function signature (before querying the database), add a check:
  if channel_id <= 0: raise HTTPException(status_code=400, detail="Invalid channel ID")
  This guarantees that channel_id is a simple positive integer, so old_icon_filename and icon_filename remain within a predictable, safe pattern.
  No new imports are needed; HTTPException and status are already imported.
| @@ -345,6 +345,10 @@ | ||
| db: Session = Depends(get_db) | ||
| ): | ||
| """Upload a PNG icon for a channel""" | ||
| # Validate channel ID is a positive integer | ||
| if channel_id <= 0: | ||
| raise HTTPException(status_code=400, detail="Invalid channel ID") | ||
|
|
||
| # Validate channel exists | ||
| channel = db.query(Channel).filter(Channel.id == channel_id).first() | ||
| if not channel: |
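Review bot: The channel_id <= 0 check at the top of upload_channel_icon constrains only the numeric range and leaves the path construction that the alert points at unchanged, so on its own it may not clear the finding. Consider declaring the constraint on the parameter itself with FastAPI's Path(gt=0), which rejects bad values before the handler body runs (as a 422 validation error rather than this 400), and pairing it with a containment check on the resolved icon path before any exists() or unlink() call.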
Removed unsuccessful Rust port attempt files:
- ersatztv-reference/ErsatzTV-Windows/ (entire directory)
- Cargo.toml
- Cargo.lock
- build.rs
- src/main.rs
- ersatztv_windows.rc
- Ersatztv.ico

These files were part of an unsuccessful Rust port attempt and are no longer needed. The project remains Python-based as originally designed.
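An added example (not code from this pull request) combining the two strategies the autofix text names for the path-expression alerts on the icon cleanup: strictly validate the identifier, then resolve the path and confirm it stays directly inside icons_dir before unlinking. The helper names channel_icon_path, remove_old_icon and demo are hypothetical, and the files used in demo are constructed.

```python
import tempfile
from pathlib import Path

def channel_icon_path(icons_dir: Path, channel_id) -> Path:
    """Return icons_dir/channel_<id>.png; raise ValueError if it would escape icons_dir."""
    # Strict identifier check (bool is an int subclass, so exclude it explicitly).
    if isinstance(channel_id, bool) or not isinstance(channel_id, int) or channel_id <= 0:
        raise ValueError("channel_id must be a positive integer")
    base = icons_dir.resolve()
    candidate = (base / f"channel_{channel_id}.png").resolve()
    # Containment check after normalisation: a symlinked icon resolves elsewhere.
    if candidate.parent != base:
        raise ValueError("icon path escapes icons directory")
    return candidate

def remove_old_icon(icons_dir: Path, channel_id, keep: Path) -> bool:
    """Delete the legacy channel_<id>.png unless it is the file being kept."""
    old = channel_icon_path(icons_dir, channel_id)
    if old == keep.resolve():  # compare resolved paths, not lexical ones
        return False
    try:
        old.unlink()  # no separate exists() check, so no check-then-use gap
        return True
    except FileNotFoundError:
        return False

def demo():
    # Constructed layout: one ordinary legacy icon and one symlinked outside icons_dir.
    with tempfile.TemporaryDirectory() as tmp:
        icons = Path(tmp) / "icons"
        icons.mkdir()
        outside = Path(tmp) / "secret.png"
        outside.write_bytes(b"x")
        (icons / "channel_7.png").write_bytes(b"old")
        (icons / "channel_8.png").symlink_to(outside)
        keep = icons / "channel_12.png"
        results = {"removed_7": remove_old_icon(icons, 7, keep)}
        for bad in (8, 0, -1, "../x", True):
            try:
                remove_old_icon(icons, bad, keep)
                results[repr(bad)] = "allowed"
            except ValueError:
                results[repr(bad)] = "rejected"
        results["outside_intact"] = outside.exists()
        return results
```

The symlink case is the one a positive-integer check alone does not cover: channel_8.png is a valid name, but its resolved target is outside icons_dir.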
Description
Brief description of changes
Type of Change
Testing
Checklist
Related Issues
Closes #(issue number)
Screenshots (if applicable)
Add screenshots to help explain your changes.
Additional Notes
Any additional information that reviewers should know.