ruvector_memopt/security/
validator.rs

1//! Input validation and sanitization
2
3use std::path::Path;
4
/// Returns `true` when `pid` is neither `0` nor `u32::MAX` (`0xFFFFFFFF`).
///
/// This is a range sanity check only. It does not confirm that a process with
/// this ID exists, nor that the caller is allowed to act on it; those checks
/// belong at the point where the PID is actually used.
pub fn validate_pid(pid: u32) -> bool {
    // The two rejected values are the extremes of the u32 range.
    !matches!(pid, 0 | u32::MAX)
}
9
/// Lexical screen for a path: returns `false` when the path text contains `..`
/// or any of the characters NUL, `|`, `<`, `>`; returns `true` otherwise.
///
/// The test runs on the lossy UTF-8 rendering of the path and is a substring
/// match, not a per-component match, so a name such as `foo..bar` is rejected
/// as well.
///
/// This check alone does not confine a path to a directory: absolute paths are
/// accepted, and nothing here touches the filesystem, so symlinks are not
/// resolved. Callers that need confinement should additionally canonicalize
/// the path and compare it against the allowed base directory.
pub fn validate_path(path: &Path) -> bool {
    let text = path.to_string_lossy();

    // Any occurrence of ".." is treated as a traversal attempt.
    let has_parent_marker = text.contains("..");

    // NUL, pipe and angle brackets are rejected outright.
    let has_forbidden_char = text
        .chars()
        .any(|ch| matches!(ch, '\0' | '|' | '<' | '>'));

    !(has_parent_marker || has_forbidden_char)
}
26
/// Checks a configuration `value` against the range allowed for `key`.
///
/// Recognized keys and their accepted values:
/// - `pressure_threshold`, `critical_threshold`: a `u32` no greater than 100.
/// - `min_interval_secs`: a `u64` from 10 to 3600 inclusive.
/// - `ewc_lambda`: an `f32` from 0.0 to 1.0 inclusive (NaN and infinities fail
///   the range comparison and are rejected).
///
/// A value that does not parse as the expected numeric type is rejected.
///
/// Any other key returns `true` without the value being inspected, so this
/// function fails open for unknown keys. NOTE(review): callers that accept
/// configuration from an untrusted source may want to reject unknown keys
/// before calling this.
pub fn validate_config_value(key: &str, value: &str) -> bool {
    match key {
        "pressure_threshold" | "critical_threshold" => {
            matches!(value.parse::<u32>(), Ok(percent) if percent <= 100)
        }
        "min_interval_secs" => {
            matches!(value.parse::<u64>(), Ok(secs) if (10..=3600).contains(&secs))
        }
        "ewc_lambda" => {
            matches!(value.parse::<f32>(), Ok(lambda) if (0.0..=1.0).contains(&lambda))
        }
        // Unknown keys are not validated here.
        _ => true,
    }
}
42
#[cfg(test)]
mod tests {
    use super::*;

    /// An ordinary PID is accepted and PID 0 is rejected.
    #[test]
    fn test_pid_validation() {
        let ordinary_pid_ok = validate_pid(1234);
        let zero_pid_ok = validate_pid(0);

        assert!(ordinary_pid_ok);
        assert!(!zero_pid_ok);
    }

    /// A plain absolute path is accepted and a `..` traversal path is rejected.
    #[test]
    fn test_path_validation() {
        let plain = Path::new("C:/safe/path");
        let traversal = Path::new("../../../etc/passwd");

        assert!(validate_path(plain));
        assert!(!validate_path(traversal));
    }
}