Skip to content

fix: replace byte-index string slicing with char-safe truncation#2903

Open
amitksingh1490 wants to merge 5 commits intomainfrom
fix/char-boundary-panic-on-multibyte-utf8
Open

fix: replace byte-index string slicing with char-safe truncation#2903
amitksingh1490 wants to merge 5 commits intomainfrom
fix/char-boundary-panic-on-multibyte-utf8

Conversation

@amitksingh1490
Copy link
Copy Markdown
Contributor

@amitksingh1490 amitksingh1490 commented Apr 9, 2026
edited
Loading

Summary

Fix byte index N is not a char boundary panics by replacing unsafe byte-index string slicing with character-aware truncation.

Context

The codebase had multiple locations using byte-index string slicing (&str[..N]) which panics when strings contain multi-byte UTF-8 characters (e.g., = 3 bytes, 🔑 = 4 bytes). This caused runtime crashes when processing tool arguments, error messages, or keys containing non-ASCII characters.

Changes

  • forge_domain/auth/new_types.rs: Fixed truncate_key() to use chars().take() and chars().skip() instead of byte indices
  • forge_main/tools_display.rs: Fixed error message truncation at byte 77 to use character-safe slicing
  • forge_repo/provider_repo.rs: Fixed token debug logging to use character-aware truncation
  • forge_domain/result_stream_ext.rs: Fixed test code to use char indices instead of byte indices
  • forge_services/fs_patch.rs: Added new tests for from_search_match with multi-byte characters

Key Implementation Details

  • Using key.chars().count() for length checks instead of key.len() (byte length)
  • Using chars().take(N) for safe prefix truncation
  • Using chars().skip(N) for safe suffix extraction
  • All fixes prevent panics on emoji, arrows, and other multi-byte UTF-8 characters

Testing

# Run new truncate_key tests
cargo test --package forge_domain -- auth::new_types::tests

# Run fs_patch tests with multi-byte character tests
cargo test --package forge_services -- tool_services::fs_patch::tests

# Run all affected crate tests
cargo test --package forge_domain --package forge_main --package forge_repo

All 5 new tests pass, including:

  • Short key handling
  • Long ASCII key truncation
  • Multi-byte UTF-8 characters (arrows)
  • Emoji characters (4-byte UTF-8)
  • Exactly 21 char boundary

Links

  • Branch: refactor/dotforge-home-directory
  • Changes: 5 files, 140 insertions, 6 deletions

@amitksingh1490 @forge-code-agent
fix: replace byte-index string slicing with char-safe truncation
0081214 
Replace unsafe `&str[..N]` byte-index slicing with character-aware
truncation to prevent panics on multi-byte UTF-8 strings (e.g. →, 🔑).

Fixes:
- tools_display.rs: `&error[..77]` → `error.chars().take(77).collect()`
- new_types.rs: `&key[..=12]` / `&key[len-4..]` → `chars().take()/skip()`
- provider_repo.rs: `&token[..min(20,len)]` → `chars().take(20).collect()`

Added 11 tests covering multi-byte characters and emoji edge cases.

Co-Authored-By: ForgeCode <noreply@forgecode.dev>
@github-actions github-actions bot added the type: fix Iterations on existing features or infrastructure. label Apr 9, 2026
@amitksingh1490 amitksingh1490 marked this pull request as draft April 9, 2026 08:38
@amitksingh1490 amitksingh1490 marked this pull request as ready for review April 9, 2026 14:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

type: fix Iterations on existing features or infrastructure.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@amitksingh1490 @tusharmath