gm-skill 2.0.1599 → 2.0.1601

package/bin/plugkit.version

@@ -1 +1 @@
-0.1.680
+0.1.681

package/bin/plugkit.wasm.sha256

@@ -1 +1 @@
-a5e0eb75b126f7596b2aefde80a912c1fa003ded37bf398308eaf1e6226eb338  plugkit.wasm
+69cc8f062da496978b9e57d72e9b5f45e8e771c5a7e6d2dc95d4e6d200abdbe4  plugkit.wasm

package/gm-plugkit/package.json

@@ -1,6 +1,6 @@
 {
   "name": "gm-plugkit",
-  "version": "2.0.1599",
+  "version": "2.0.1601",
   "description": "Bootstrap and daemon-spawn tool for gm plugkit binary. Downloads the correct platform binary, verifies SHA256, and starts the spool watcher daemon. Includes plugkit-wasm-wrapper for WASM-based spool watching.",
   "main": "index.js",
   "bin": {

package/gm-plugkit/plugkit-wasm-wrapper.js

@@ -171,7 +171,9 @@ function dispatchVerbToWasmInternal(instance, verb, body) {
     const result = dispatch(verbPtr, verbBytes.length, bodyPtr, bodyBytes.length);
     const ptr = Number(result & 0xffffffffn);
     const len = Number(result >> 32n);
-    const out = new TextDecoder().decode(new Uint8Array(instance.exports.memory.buffer, ptr, len));
+    const buffer = instance.exports.memory.buffer;
+    guardWasmRange(buffer, ptr, len, `dispatch_verb(${verb})`);
+    const out = new TextDecoder().decode(new Uint8Array(buffer, ptr, len));
     try { instance.exports.plugkit_free(ptr, len); } catch (_) {}
     return out;
   } finally {
@@ -1234,7 +1236,7 @@ function createWasiShim(instanceRef) {
           const base = iovs_ptr + i * 8;
           const ptr = dv.getUint32(base, true);
           const len = dv.getUint32(base + 4, true);
-          if (len > 0) {
+          if (len > 0 && ptr + len <= buf.byteLength) {
             chunks.push(new Uint8Array(buf, ptr, len).slice());
             total += len;
           }
@@ -1300,14 +1302,25 @@ function createWasiShim(instanceRef) {
   });
 }
 
+function guardWasmRange(buffer, ptr, len, where) {
+  const total = buffer.byteLength;
+  if (!Number.isInteger(ptr) || !Number.isInteger(len) || ptr < 0 || len < 0 || ptr + len > total) {
+    throw new Error(`wasm-memory-read-out-of-bounds at ${where}: ptr=${ptr} len=${len} buffer=${total} -- corrupt (ptr,len) from wasm, refusing the read instead of crashing the dispatch loop`);
+  }
+}
+
 function readWasmBytes(instance, ptr, len) {
   if (ptr === 0 || len === 0) return new Uint8Array(0);
-  return new Uint8Array(instance.exports.memory.buffer, ptr, len).slice();
+  const buffer = instance.exports.memory.buffer;
+  guardWasmRange(buffer, ptr, len, 'readWasmBytes');
+  return new Uint8Array(buffer, ptr, len).slice();
 }
 
 function readWasmStr(instance, ptr, len) {
   if (ptr === 0 || len === 0) return '';
-  const bytes = new Uint8Array(instance.exports.memory.buffer, ptr, len);
+  const buffer = instance.exports.memory.buffer;
+  guardWasmRange(buffer, ptr, len, 'readWasmStr');
+  const bytes = new Uint8Array(buffer, ptr, len);
   return new TextDecoder('utf-8').decode(bytes);
 }
 

package/gm.json

@@ -1,6 +1,6 @@
 {
   "name": "gm",
-  "version": "2.0.1599",
+  "version": "2.0.1601",
   "description": "Spool-dispatch orchestration engine with unified state machine, skills, and automated git enforcement",
   "author": "AnEntrypoint",
   "license": "MIT",
@@ -17,5 +17,5 @@
   "publishConfig": {
     "access": "public"
   },
-  "plugkitVersion": "0.1.680"
+  "plugkitVersion": "0.1.681"
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "gm-skill",
-  "version": "2.0.1599",
+  "version": "2.0.1601",
   "description": "Canonical universal harness — AI-native software engineering via skill-driven orchestration; bootstraps plugkit for task execution and session isolation. Install in any AI coding agent host.",
   "author": "AnEntrypoint",
   "license": "MIT",