fix: guard against undefined slice/map crashes in search actions#1091
Open
octo-patch wants to merge 1 commit intoItzCrazyKns:masterfrom
Open
fix: guard against undefined slice/map crashes in search actions#1091octo-patch wants to merge 1 commit intoItzCrazyKns:masterfrom
octo-patch wants to merge 1 commit intoItzCrazyKns:masterfrom
Conversation
When LLM tool calls return malformed arguments (e.g. via LiteLLM proxies or models that don't strictly follow the tool schema), the queries/urls fields can be undefined, causing a TypeError at the .slice() call. Similarly, SearXNG can return responses without a results field, causing downstream .map() crashes. - Default queries/urls to [] before .slice() in uploadsSearch and scrapeURL - Default SearXNG results/suggestions to [] at the source (fixes ItzCrazyKns#964)
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
3 issues found across 3 files
Prompt for AI agents (unresolved issues)
Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.
<file name="src/lib/searxng.ts">
<violation number="1" location="src/lib/searxng.ts:55">
P2: `?? []` does not validate runtime response shape; non-array `results`/`suggestions` can still propagate and trigger downstream `.forEach`/`.map` crashes.</violation>
</file>
<file name="src/lib/agents/search/researcher/actions/scrapeURL.ts">
<violation number="1" location="src/lib/agents/search/researcher/actions/scrapeURL.ts:28">
P2: `?? []` avoids only null/undefined, but non-array `urls` values can still crash `.slice()`/`.map()` at runtime.</violation>
</file>
<file name="src/lib/agents/search/researcher/actions/uploadsSearch.ts">
<violation number="1" location="src/lib/agents/search/researcher/actions/uploadsSearch.ts:30">
P2: The nullish fallback is incomplete: `queries` is not validated as an array, so malformed non-array inputs can still crash or propagate wrong types.</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.
|
|
||
| const results: SearxngSearchResult[] = data.results; | ||
| const suggestions: string[] = data.suggestions; | ||
| const results: SearxngSearchResult[] = data.results ?? []; |
Contributor
There was a problem hiding this comment.
P2: ?? [] does not validate runtime response shape; non-array results/suggestions can still propagate and trigger downstream .forEach/.map crashes.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At src/lib/searxng.ts, line 55:
<comment>`?? []` does not validate runtime response shape; non-array `results`/`suggestions` can still propagate and trigger downstream `.forEach`/`.map` crashes.</comment>
<file context>
@@ -52,8 +52,8 @@ export const searchSearxng = async (
- const results: SearxngSearchResult[] = data.results;
- const suggestions: string[] = data.suggestions;
+ const results: SearxngSearchResult[] = data.results ?? [];
+ const suggestions: string[] = data.suggestions ?? [];
</file context>
| enabled: (_) => true, | ||
| execute: async (params, additionalConfig) => { | ||
| params.urls = params.urls.slice(0, 3); | ||
| params.urls = (params.urls ?? []).slice(0, 3); |
Contributor
There was a problem hiding this comment.
P2: ?? [] avoids only null/undefined, but non-array urls values can still crash .slice()/.map() at runtime.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At src/lib/agents/search/researcher/actions/scrapeURL.ts, line 28:
<comment>`?? []` avoids only null/undefined, but non-array `urls` values can still crash `.slice()`/`.map()` at runtime.</comment>
<file context>
@@ -25,7 +25,7 @@ const scrapeURLAction: ResearchAction<typeof schema> = {
enabled: (_) => true,
execute: async (params, additionalConfig) => {
- params.urls = params.urls.slice(0, 3);
+ params.urls = (params.urls ?? []).slice(0, 3);
let readingBlockId = crypto.randomUUID();
</file context>
Suggested change
| params.urls = (params.urls ?? []).slice(0, 3); | |
| const urls = Array.isArray(params.urls) ? params.urls : []; | |
| params.urls = urls.slice(0, 3); |
| `, | ||
| execute: async (input, additionalConfig) => { | ||
| input.queries = input.queries.slice(0, 3); | ||
| input.queries = (input.queries ?? []).slice(0, 3); |
Contributor
There was a problem hiding this comment.
P2: The nullish fallback is incomplete: queries is not validated as an array, so malformed non-array inputs can still crash or propagate wrong types.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At src/lib/agents/search/researcher/actions/uploadsSearch.ts, line 30:
<comment>The nullish fallback is incomplete: `queries` is not validated as an array, so malformed non-array inputs can still crash or propagate wrong types.</comment>
<file context>
@@ -27,7 +27,7 @@ const uploadsSearchAction: ResearchAction<typeof schema> = {
`,
execute: async (input, additionalConfig) => {
- input.queries = input.queries.slice(0, 3);
+ input.queries = (input.queries ?? []).slice(0, 3);
const researchBlock = additionalConfig.session.getBlock(
</file context>
Suggested change
| input.queries = (input.queries ?? []).slice(0, 3); | |
| input.queries = Array.isArray(input.queries) | |
| ? input.queries.slice(0, 3) | |
| : []; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixes #964
Problem
TypeError: Cannot read properties of undefined (reading 'slice')occurs when:queries/urlsasundefinedresultsfield (e.g. on error responses or unexpected formats), causing downstream.map()to crashThe
webSearch,academicSearch, andsocialSearchactions already had defensiveArray.isArray()checks, butuploadsSearchandscrapeURLwere missing them. The root-levelsearxng.tsalso assumeddata.resultsanddata.suggestionswere always present.Solution
queriesto[]before.slice(0, 3)inuploadsSearch.tsandscrapeURL.tsresultsandsuggestionsto[]at the source insearxng.ts, protecting all consumersTesting
queries/urls) now return empty results instead of crashingSummary by cubic
Prevents TypeError crashes in search actions by defaulting undefined inputs and SearXNG fields to empty arrays (fixes #964). Malformed tool calls and error responses now return empty results instead of throwing.
queries/urlsto [] before.slice()inuploadsSearchandscrapeURL.results/suggestionsto [] insearxng.ts.Written for commit 68105d3. Summary will update on new commits.