security: add panic recovery to event handler and media workers (#143)

The event handler and media worker goroutines previously lacked panic recovery. If processing panicked from an unexpected message structure, it would crash the entire wacli process and drop the authenticated session. This adds idiomatic `defer func() { recover() }()` blocks to the handlers. The process now survives individual message panics and logs the incident to stderr safely. Closes #52
2026-04-15 05:26:40 +08:00 · 2026-04-15 05:26:40 +08:00 · ffddc91f92
commit ffddc91f92
parent 9ff22a5ecf
2 changed files with 14 additions and 0 deletions
--- a/internal/app/media.go
+++ b/internal/app/media.go
@ -87,6 +87,13 @@ func (a *App) runMediaWorkers(ctx context.Context, jobs <-chan mediaJob, workers
 		wg.Add(1)
 		go func() {
 			defer wg.Done()
+			// Recover from panics to prevent a bad media job from crashing
+			// the whole process (#52).
+			defer func() {
+				if r := recover(); r != nil {
+					fmt.Fprintf(os.Stderr, "media worker panic (recovered): %v\n", r)
+				}
+			}()
 			for {
 				select {
 				case <-ctx.Done():
--- a/internal/app/sync.go
+++ b/internal/app/sync.go
@ -80,6 +80,13 @@ func (a *App) Sync(ctx context.Context, opts SyncOptions) (SyncResult, error) {
 	}

 	handlerID := a.wa.AddEventHandler(func(evt interface{}) {
+		// Recover from panics so unexpected message structures do not
+		// crash the entire process (#52).
+		defer func() {
+			if r := recover(); r != nil {
+				fmt.Fprintf(os.Stderr, "\nevent handler panic (recovered): %v\n", r)
+			}
+		}()
 		lastEvent.Store(time.Now().UTC().UnixNano())

 		switch v := evt.(type) {