1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
//! Minimal MCP server implementation
pub mod handlers;
pub mod tools;
pub mod transport;
// Re-export for tests
pub use handlers::MCPHandlers;
use crate::config::Config;
use crate::error::Result;
use crate::storage::Storage;
use std::sync::Arc;
use std::time::{Duration, Instant};
use tokio::io::AsyncWriteExt;
use tokio_util::codec::{Decoder, FramedRead};
use futures_util::StreamExt;
use tracing::{error, info, warn};
/// Simple MCP server
pub struct MCPServer {
_config: Config,
handlers: Arc<MCPHandlers>,
start_time: Instant,
last_request: Arc<std::sync::Mutex<Instant>>,
}
impl MCPServer {
/// Create a new MCP server
pub fn new(config: Config, storage: Arc<Storage>) -> Self {
let handlers = Arc::new(MCPHandlers::new(storage));
let now = Instant::now();
Self {
_config: config,
handlers,
start_time: now,
last_request: Arc::new(std::sync::Mutex::new(now)),
}
}
/// Check if server should self-terminate due to inactivity
fn should_terminate(&self) -> bool {
let last_request = *self.last_request.lock().unwrap();
let inactive_duration = last_request.elapsed();
// Terminate if inactive for more than 24 hours (Claude Desktop manages restarts)
if inactive_duration > Duration::from_secs(86400) {
warn!(
"Server inactive for {:?}, initiating shutdown",
inactive_duration
);
return true;
}
false
}
/// Update last request time
fn update_last_request(&self) {
*self.last_request.lock().unwrap() = Instant::now();
}
/// Log health status periodically
async fn health_monitor(&self) {
let mut interval = tokio::time::interval(Duration::from_secs(60)); // Every minute
loop {
interval.tick().await;
if self.should_terminate() {
error!("Health monitor detected inactivity timeout, terminating process");
std::process::exit(1);
}
let uptime = self.start_time.elapsed();
let last_request_ago = self.last_request.lock().unwrap().elapsed();
info!(
"Health check: uptime={:?}, last_request={:?} ago",
uptime, last_request_ago
);
}
}
/// Run in stdio mode for Claude Desktop using secure JSON streaming
pub async fn run_stdio(&self) -> Result<()> {
info!("MCP server running in stdio mode with secure JSON streaming");
// Spawn health monitor task
let health_monitor = {
let server_clone = Self {
_config: self._config.clone(),
handlers: Arc::clone(&self.handlers),
start_time: self.start_time,
last_request: Arc::clone(&self.last_request),
};
tokio::spawn(async move {
server_clone.health_monitor().await;
})
};
let stdin = tokio::io::stdin();
let stdout = tokio::io::stdout();
let mut stdout = stdout;
// Use secure streaming JSON decoder with buffer limits
let mut framed = FramedRead::new(stdin, SecureJsonDecoder::new());
loop {
tokio::select! {
// Process incoming JSON with timeout protection
message = framed.next() => {
match message {
Some(Ok(json_str)) => {
info!("Processing JSON request ({} chars)", json_str.len());
self.update_last_request();
let response = self.handle_request(&json_str).await;
if !response.is_empty() {
stdout.write_all(response.as_bytes()).await?;
stdout.write_all(b"\n").await?;
stdout.flush().await?;
}
}
Some(Err(e)) => {
// Don't treat "bytes remaining on stream" as an error - it's normal EOF
let error_msg = e.to_string();
if !error_msg.contains("bytes remaining on stream") {
error!("JSON decode error: {}", e);
// Send error response back to client
let parse_error = crate::error::Error::ParseError(e.to_string());
let error_response = parse_error.to_json_rpc_error(None);
stdout.write_all(serde_json::to_string(&error_response).unwrap().as_bytes()).await?;
stdout.flush().await?;
}
}
None => {
info!("Received EOF, shutting down MCP server");
break;
}
}
}
// CODEX-MCP-004: Timeout protection for requests (default 60s from Architecture spec)
_ = tokio::time::sleep(Duration::from_secs(60)) => {
if self.should_terminate() {
warn!("MCP server inactive for too long, initiating graceful shutdown");
break;
}
}
}
}
info!("MCP server shutting down gracefully");
// Cancel health monitor task
health_monitor.abort();
Ok(())
}
// SECURITY: Removed vulnerable find_complete_json() function
// Replaced with secure serde_json streaming in SecureJsonDecoder
pub async fn handle_request(&self, request: &str) -> String {
// Add detailed logging for debugging JSON parsing issues
info!("Raw request to parse: {:?}", request);
let request: serde_json::Value = match serde_json::from_str(request) {
Ok(v) => v,
Err(e) => {
error!("JSON parse error: {} - Request: {:?}", e, request);
let parse_error = crate::error::Error::ParseError(e.to_string());
return serde_json::to_string(&parse_error.to_json_rpc_error(Some(serde_json::json!(0))))
.unwrap_or_else(|_| r#"{"jsonrpc":"2.0","id":0,"error":{"code":-32700,"message":"Parse error"}}"#.to_string());
}
};
// CODEX-MCP-002: Validate JSON-RPC request structure
let method = request["method"].as_str().unwrap_or("");
if method.is_empty() {
let invalid_request_error = crate::error::Error::InvalidRequest("Missing 'method' field".to_string());
return serde_json::to_string(&invalid_request_error.to_json_rpc_error(request.get("id").cloned()))
.unwrap_or_else(|_| r#"{"jsonrpc":"2.0","id":null,"error":{"code":-32600,"message":"Invalid Request"}}"#.to_string());
}
let params = request.get("params").cloned().unwrap_or_default();
let id = request.get("id").cloned();
let result = match method {
"initialize" => Ok(serde_json::json!({
"protocolVersion": "2024-11-05",
"capabilities": {
"tools": {}
},
"serverInfo": {
"name": "codex-memory",
"version": env!("CARGO_PKG_VERSION")
}
})),
"tools/list" => Ok(serde_json::json!({
"tools": tools::MCPTools::get_tools_list()
})),
"tools/call" => {
let tool_name = params["name"].as_str().unwrap_or("");
let tool_params = params.get("arguments").cloned().unwrap_or_default();
// CODEX-MCP-004: Add timeout handling for tool calls (default 60s from Architecture spec)
let timeout_duration = std::time::Duration::from_secs(60);
match tokio::time::timeout(timeout_duration,
self.handlers.handle_tool_call(tool_name, tool_params)
).await {
Ok(result) => result,
Err(_) => Err(crate::error::Error::Timeout(format!(
"Tool call '{}' timed out after {} seconds",
tool_name,
timeout_duration.as_secs()
)))
}
}
"prompts/list" => {
// Return empty prompts list (we don't support prompts)
Ok(serde_json::json!({
"prompts": []
}))
}
"resources/list" => {
// Return empty resources list (we don't support resources)
Ok(serde_json::json!({
"resources": []
}))
}
"notifications/initialized" => {
// Notifications don't require responses, just acknowledge silently
return "".to_string(); // Return empty string for notifications
}
_ => {
// CODEX-MCP-002: Use proper JSON-RPC error code for unknown methods
Err(crate::error::Error::MethodNotFound(format!(
"Unknown method: {}. Supported methods: initialize, tools/list, tools/call, prompts/list, resources/list, notifications/initialized",
method
)))
}
};
match result {
Ok(value) => {
if let Some(id) = id {
format!(r#"{{"jsonrpc":"2.0","id":{},"result":{}}}"#, id, value)
} else {
format!(r#"{{"jsonrpc":"2.0","result":{}}}"#, value)
}
}
Err(e) => {
// Log the error for debugging connection failures
error!("MCP request failed - Method: {}, Error: {}", method, e);
// CODEX-MCP-002: Use JSON-RPC 2.0 compliant error responses with proper error codes
let error_response = e.to_json_rpc_error(id.or_else(|| Some(serde_json::json!(0))));
serde_json::to_string(&error_response)
.unwrap_or_else(|_| r#"{"jsonrpc":"2.0","id":0,"error":{"code":-32603,"message":"Internal error"}}"#.to_string())
}
}
}
}
/// Secure JSON decoder with buffer size limits and attack protection
struct SecureJsonDecoder {
/// Maximum buffer size to prevent memory exhaustion attacks (10MB)
max_buffer_size: usize,
}
impl SecureJsonDecoder {
fn new() -> Self {
Self {
max_buffer_size: 10 * 1024 * 1024, // 10MB limit per Architecture spec
}
}
}
impl Decoder for SecureJsonDecoder {
type Item = String;
type Error = std::io::Error;
fn decode(&mut self, src: &mut bytes::BytesMut) -> std::result::Result<Option<Self::Item>, Self::Error> {
// SECURITY: Enforce buffer size limits to prevent memory exhaustion attacks
if src.len() > self.max_buffer_size {
return Err(std::io::Error::new(
std::io::ErrorKind::InvalidData,
format!(
"Buffer size limit exceeded: {} bytes (max: {})",
src.len(),
self.max_buffer_size
),
));
}
// Convert buffer to string with strict UTF-8 validation (replaces lossy conversion)
match std::str::from_utf8(src) {
Ok(_) => {}, // Valid UTF-8, continue processing
Err(_) => {
return Err(std::io::Error::new(
std::io::ErrorKind::InvalidData,
"Invalid UTF-8 encoding in JSON stream",
));
}
};
// SECURITY: Use secure serde_json streaming parser instead of custom parser
let mut depth = 0;
let mut in_string = false;
let mut escape_next = false;
let mut json_start = None;
for (i, byte) in src.iter().enumerate() {
let ch = *byte as char;
if escape_next {
escape_next = false;
continue;
}
match ch {
'\\' if in_string => escape_next = true,
'"' => in_string = !in_string,
'{' if !in_string => {
if json_start.is_none() {
json_start = Some(i);
}
depth += 1;
// SECURITY: Limit recursion depth to prevent stack overflow attacks
if depth > 100 {
return Err(std::io::Error::new(
std::io::ErrorKind::InvalidData,
"JSON nesting depth exceeded (max: 100 levels)",
));
}
}
'}' if !in_string => {
depth -= 1;
if depth == 0 && json_start.is_some() {
// Found complete JSON object - efficient zero-copy extraction
let json_bytes = src.split_to(i + 1);
// PERFORMANCE: Use strict UTF-8 validation without lossy conversion (CODEX-MCP-011)
let json_str = match std::str::from_utf8(&json_bytes) {
Ok(s) => s.to_string(),
Err(e) => {
return Err(std::io::Error::new(
std::io::ErrorKind::InvalidData,
format!("Invalid UTF-8 in JSON: {}", e),
));
}
};
// SECURITY: Validate JSON using serde_json before processing
match serde_json::from_str::<serde_json::Value>(&json_str) {
Ok(_) => return Ok(Some(json_str)),
Err(e) => {
return Err(std::io::Error::new(
std::io::ErrorKind::InvalidData,
format!("Invalid JSON structure: {}", e),
));
}
}
}
}
_ => {}
}
}
// No complete JSON object found yet
Ok(None)
}
}