Summary
In internal/cli/batch.go, parseStaleDuration uses strconv.Atoi with the error ignored:
n, _ := strconv.Atoi(numStr)
return fmt.Sprintf("%dh", n*24)
Input like --stale 99999999999999999999d is not rejected. On overflow, strconv.Atoi returns the maximum int value together with a strconv.ErrRange error; because the error is discarded, n is math.MaxInt, and n*24 then wraps in integer arithmetic to -24, so the function returns "-24h". A malformed number (for example --stale d, or a non-digit prefix) gives n = 0 with strconv.ErrSyntax and the function returns "0h". In both cases the caller gets a staleness threshold of zero or less; every session has been idle for at least that long, so the threshold matches everything.
Impact
Low probability but high impact: could accidentally match and delete all sessions if a user copies a very large number.
Suggested Fix
Check the strconv.Atoi error and return a usable error message for both out-of-range (strconv.ErrRange) and malformed (strconv.ErrSyntax) input. Also reject n <= 0, so a literal 0d cannot become "0h", and bound n so that n*24 cannot overflow.
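As an added example (not code from internal/cli/batch.go), buggyStaleHours below reproduces the reported pattern so the actual return values on overflowing and malformed input can be checked, and parseStaleDays shows one way to write the fix. The accepted form "<days>d", the function name, the error messages and the 3650-day upper bound are assumptions, since the page does not show the rest of the function or how the caller consumes the result.

```go
package main

import (
	"errors"
	"fmt"
	"strconv"
	"strings"
	"time"
)

// buggyStaleHours reproduces the reported pattern: the strconv.Atoi error is
// discarded, so out-of-range or malformed input is silently turned into a
// duration string instead of being rejected.
func buggyStaleHours(numStr string) string {
	n, _ := strconv.Atoi(numStr)
	return fmt.Sprintf("%dh", n*24)
}

// maxStaleDays is an assumed upper bound; it keeps n*24 far from overflow
// and rejects values nobody plausibly means.
const maxStaleDays = 3650

// parseStaleDays is the hardened version (example code, not the project's).
// It accepts exactly "<days>d" with 1 <= days <= maxStaleDays and returns
// the equivalent time.Duration; everything else is an error.
func parseStaleDays(arg string) (time.Duration, error) {
	if !strings.HasSuffix(arg, "d") {
		return 0, fmt.Errorf("--stale: expected <days>d, got %q", arg)
	}
	numStr := strings.TrimSuffix(arg, "d")
	if numStr == "" {
		return 0, fmt.Errorf("--stale: missing number of days in %q", arg)
	}
	n, err := strconv.Atoi(numStr)
	if err != nil {
		// %w keeps strconv.ErrRange / strconv.ErrSyntax reachable via errors.Is.
		if errors.Is(err, strconv.ErrRange) {
			return 0, fmt.Errorf("--stale: %q is out of range: %w", numStr, err)
		}
		return 0, fmt.Errorf("--stale: %q is not an integer: %w", numStr, err)
	}
	if n <= 0 || n > maxStaleDays {
		return 0, fmt.Errorf("--stale: days must be between 1 and %d, got %d", maxStaleDays, n)
	}
	return time.Duration(n) * 24 * time.Hour, nil
}

func main() {
	// Constructed inputs: the overflow case from the report, a malformed
	// number, a literal zero, and a normal value.
	for _, in := range []string{"99999999999999999999", "abc", "0", "7"} {
		fmt.Printf("buggy  %-22q -> %s\n", in, buggyStaleHours(in))
	}
	for _, in := range []string{"99999999999999999999d", "abcd", "d", "0d", "7", "7d"} {
		d, err := parseStaleDays(in)
		if err != nil {
			fmt.Printf("fixed  %-22q -> error: %v\n", in, err)
			continue
		}
		fmt.Printf("fixed  %-22q -> %s\n", in, d)
	}
}
```

Running it shows the buggy version returning "-24h" for the overflowing input (strconv.Atoi hands back the maximum int with ErrRange, and the multiplication wraps) and "0h" for both "abc" and "0", while the hardened version rejects all four bad inputs and only accepts "7d" as 168h0m0s.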
Found during review tribunal audit.