mirror of
https://github.com/danny-avila/LibreChat.git
synced 2026-06-26 17:31:27 +00:00
e0f715bd24
A Codex security finding flagged that findPiiMatchInMessages was gating on msg.role === 'user' and silently skipping every other role. The OpenAI-compatible validator accepts system, assistant, and tool from the caller; the Responses input conversion accepts and converts developer and system. All of those roles flow into formatAgentMessages and then createRun, so an authenticated remote agent caller could place a credential-shaped value in any non-user role and reach the model despite the configured filter. Drops the role gate. The helper now scans every caller-supplied message regardless of role; the loop count is unchanged (one outer over messages, one inner over content parts) and the early-exit on first match still holds. Spec adds explicit cases for system, assistant, and tool roles in place of the now-incorrect skips-non-user assertion. |
||
|---|---|---|
| .. | ||
| api | ||
| client | ||
| data-provider | ||
| data-schemas | ||