Skip to content

fix: ignore invalid base64 input#4421

Open
MasterPtato wants to merge 1 commit intomainfrom
03-13-fix_ignore_invalid_base64_input
Open

fix: ignore invalid base64 input#4421
MasterPtato wants to merge 1 commit intomainfrom
03-13-fix_ignore_invalid_base64_input

Conversation

@MasterPtato
Copy link
Contributor

@MasterPtato MasterPtato commented Mar 13, 2026

Description

Please include a summary of the changes and the related issue. Please also include relevant motivation and context.

Type of change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • This change requires a documentation update

How Has This Been Tested?

Please describe the tests that you ran to verify your changes.

Checklist:

  • My code follows the style guidelines of this project
  • I have performed a self-review of my code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • I have added tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes

@railway-app
Copy link

railway-app bot commented Mar 13, 2026
edited
Loading

🚅 Deployed to the rivet-pr-4421 environment in rivet-frontend

Service Status Web Updated (UTC)
website 😴 Sleeping (View Logs) Web Mar 13, 2026 at 10:01 pm
frontend-inspector 😴 Sleeping (View Logs) Web Mar 13, 2026 at 9:57 pm
frontend-cloud 😴 Sleeping (View Logs) Web Mar 13, 2026 at 9:56 pm
mcp-hub ✅ Success (View Logs) Web Mar 13, 2026 at 9:47 pm
ladle ❌ Build Failed (View Logs) Web Mar 13, 2026 at 9:47 pm

@MasterPtato Graphite App
Copy link
Contributor Author

MasterPtato commented Mar 13, 2026

This stack of pull requests is managed by Graphite. Learn more about stacking.

@claude
Copy link

claude bot commented Mar 13, 2026
edited
Loading

PR Review

Changes Overview

Three files changed (+3/-4):

  1. ws_to_tunnel_task.rs: Protocol version bump v3_to_v6 to v3_to_v7. Clean and correct.

  2. actor/mod.rs: Updated the input field comment to say "Arbitrary user-provided binary encoded in base64. We assume this is valid base64."

  3. actor/runtime.rs: Changed base64 decode failure from a hard error to silent None.

Issues

Self-contradictory comment and behavior (mod.rs vs runtime.rs)

The comment added in mod.rs says "We assume this is valid base64", but the code change in runtime.rs does the opposite: it now handles the case where it is NOT valid base64 by silently returning None. The two changes directly contradict each other. The comment should either be removed or updated to reflect the actual behavior (e.g., "Invalid base64 is silently treated as no input").

Silent data loss without a warning log

When base64 decoding fails, the actor starts with input: None instead of the intended data, with no log entry. This makes the failure invisible: an actor that expected input will behave incorrectly, and there is no breadcrumb in logs pointing back to the decode failure. Per the project's structured logging conventions, a tracing::warn! should be emitted when decode fails.

Inconsistency with mk1 path

The mk1 path immediately below in the same function still uses .transpose()? and hard-errors on invalid base64. If the intent is forward-compatibility or tolerance of legacy data, the mk1 path should be handled consistently, or a comment should explain why the two paths diverge.

Questions

  • What is the source of the invalid base64 that triggered this fix: is it legacy stored data, or can users pass arbitrary strings through the API?
  • If non-base64 strings can reach this path from user input, should validation be enforced at the API boundary instead of silently dropped here?
  • The PR description was not filled in. A brief explanation of the triggering scenario would help reviewers understand the intent.

Summary

The protocol version bump is clean. The base64 fix addresses a real crash scenario, but the current implementation has two problems: a contradictory comment and silent data loss. Adding a tracing::warn! on decode failure and fixing the comment would make this merge-ready.

@pkg-pr-new
Copy link

pkg-pr-new bot commented Mar 13, 2026
edited
Loading

More templates

@rivetkit/cloudflare-workers

pnpm add https://pkg.pr.new/rivet-dev/rivet/@rivetkit/cloudflare-workers@4421

@rivetkit/framework-base

pnpm add https://pkg.pr.new/rivet-dev/rivet/@rivetkit/framework-base@4421

@rivetkit/next-js

pnpm add https://pkg.pr.new/rivet-dev/rivet/@rivetkit/next-js@4421

@rivetkit/react

pnpm add https://pkg.pr.new/rivet-dev/rivet/@rivetkit/react@4421

rivetkit

pnpm add https://pkg.pr.new/rivet-dev/rivet/rivetkit@4421

@rivetkit/sql-loader

pnpm add https://pkg.pr.new/rivet-dev/rivet/@rivetkit/sql-loader@4421

@rivetkit/sqlite-vfs

pnpm add https://pkg.pr.new/rivet-dev/rivet/@rivetkit/sqlite-vfs@4421

@rivetkit/traces

pnpm add https://pkg.pr.new/rivet-dev/rivet/@rivetkit/traces@4421

@rivetkit/workflow-engine

pnpm add https://pkg.pr.new/rivet-dev/rivet/@rivetkit/workflow-engine@4421

@rivetkit/virtual-websocket

pnpm add https://pkg.pr.new/rivet-dev/rivet/@rivetkit/virtual-websocket@4421

@rivetkit/engine-runner

pnpm add https://pkg.pr.new/rivet-dev/rivet/@rivetkit/engine-runner@4421

@rivetkit/engine-runner-protocol

pnpm add https://pkg.pr.new/rivet-dev/rivet/@rivetkit/engine-runner-protocol@4421

commit: 4d0ee7c

@MasterPtato MasterPtato force-pushed the 03-13-fix_ignore_invalid_base64_input branch from f37a1b7 to 92af256 Compare March 13, 2026 23:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@NathanFlurry NathanFlurry Awaiting requested review from NathanFlurry

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@MasterPtato