Part of #591.
Overview
Proto descriptor loading reads HTTP responses and local files with no size bound, and fetches over HTTP with a bare http.Get() (the default client, which carries no context and no timeout).
Evidence
internal/mycli/system_variables.go:475-482
internal/mycli/system_variables.go:510-526
- safer reference pattern at
internal/mycli/sample_databases.go:350-385
Impact
A slow or never-ending HTTP response can hang the CLI indefinitely, and an oversized response or local file can exhaust memory; a local path that is not a regular file (a FIFO or device node, for example) can block the read unexpectedly.
Acceptance criteria
- Descriptor HTTP loads use context-aware requests with bounded timeouts.
- Descriptor reads enforce a size limit for both HTTP and local files.
- Local files use the repository’s hardened file-reading path where appropriate.
- Regression coverage exists for timeout / oversize handling.