fix(engine): guard StartIndexingAsync against invalid workspace roots

razvan · razvan · commit c26ca58320f3 · 2026-03-10T21:21:09.000+02:00
Export IsInvalidRoot from the watch package and apply it as a
safety check at the very start of StartIndexingAsync, before any
job registration or SaveIndexStatus call.

This prevents accidental indexing of dangerous paths such as the
user home directory (~), filesystem root (/), or /tmp — which would
cause .ragcode/index_status.json to be written outside any real
workspace.

- pkg/workspace/watch: isInvalidRoot → IsInvalidRoot (exported + docstring)
- internal/service/engine: guard added as first check in StartIndexingAsync
diff --git a/cmd/rag-code-mcp/main.go b/cmd/rag-code-mcp/main.go
@@ -17,7 +17,7 @@ import (
 )
 
 var (
-	Version = "2.1.65"
+	Version = "2.1.66"
 	Commit  = "none"
 	Date    = "24.10.2025"
 )
diff --git a/internal/service/engine/engine.go b/internal/service/engine/engine.go
@@ -777,6 +777,11 @@ func (e *Engine) tryStartPendingIndex(root, workspaceID string) {
 // If recreate=true and a job is already running, the recreate is queued and
 // will start immediately after the current job finishes.
 func (e *Engine) StartIndexingAsync(root, id string, changedFiles []string, recreate bool) {
+	if watch.IsInvalidRoot(root) {
+		logger.Instance.Error("[IDX] ⛔ Refusing to index invalid/dangerous root: %s", root)
+		return
+	}
+
 	if _, loaded := e.indexingJobs.LoadOrStore(id, time.Now()); loaded {
 		// A job is already running. If recreate=true, queue it so it fires
 		// after the current job finishes (via tryStartPendingIndex/defer).
diff --git a/pkg/workspace/watch/watcher.go b/pkg/workspace/watch/watcher.go
@@ -87,7 +87,7 @@ func NewFileWatcher(root string, opts Options, onChange func(context.Context, st
 
 // Start begins watching the directory tree.
 func (fw *FileWatcher) Start() {
-	if isInvalidRoot(fw.root) {
+	if IsInvalidRoot(fw.root) {
 		logger.Instance.Error("Cannot start watcher on invalid root directory: %s", fw.root)
 		return
 	}
@@ -231,7 +231,11 @@ func normalizeExclude(patterns []string) map[string]struct{} {
 	return result
 }
 
-func isInvalidRoot(root string) bool {
+// IsInvalidRoot reports whether root is an unsafe or degenerate directory
+// that must not be used as a workspace root for indexing or watching.
+// It rejects the filesystem root (/), the user home directory (~),
+// and the system temp directory.
+func IsInvalidRoot(root string) bool {
 	clean := filepath.Clean(strings.TrimSpace(root))
 	if clean == "" || clean == "." {
 		return true

Original file line number	Diff line number	Diff line change
`@@ -17,7 +17,7 @@ import (`
`17`	`17`	`)`
`18`	`18`
`19`	`19`	`var (`
`20`		`- Version = "2.1.65"`
	`20`	`+ Version = "2.1.66"`
`21`	`21`	`Commit = "none"`
`22`	`22`	`Date = "24.10.2025"`
`23`	`23`	`)`