AntFleet

Disagreement · d9ae4fa5-openai-6

Budget config and record/restore accept invalid values leading to NaN/Infinity and inconsistent state

mismatch
repo 56f59a0d·PR #3·reviewed 4 days ago

Primary finding

Budget config and record/restore accept invalid values leading to NaN/Infinity and inconsistent state

medium · api-contract · high
  • src/budget.ts:58-68
  • src/budget.ts:90-95
  • src/budget.ts:70-75
  • src/budget.ts:77-82
  • src/budget.ts:131-144
Nothing validates maxTokens, maxTurns, or costs against zero, negative, or NaN values. Dividing by a zero limit yields Infinity; NaN inputs propagate into percentages and costs; negative tokens/costs produce nonsensical snapshots. record/restore also accept negative or NaN values, so the internal state can become inconsistent.

Recommendation

Validate and clamp config: require maxTokens/maxTurns > 0; clamp warnAtPercent to [0,100]; require costs >= 0. In record/restore, coerce inputs to non-negative finite numbers and reject/throw on invalid values.
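An added illustration of the validation this recommendation describes, not code from the reviewed repository or from AntFleet: the unchecked percentage computation beside a config validator and the coercion record/restore would apply. The names maxTokens, maxTurns and warnAtPercent come from the finding; the cost field, BudgetState and every function name are assumptions made for this example.

```typescript
// Added illustration (not AntFleet's or the reviewed repo's code). maxTokens, maxTurns,
// warnAtPercent and record/restore come from the finding; everything else is assumed.
interface BudgetConfig { maxTokens: number; maxTurns: number; warnAtPercent: number; cost: number; }
interface BudgetState { tokens: number; turns: number; cost: number; }
function isFiniteNumber(n: unknown): n is number {
  return typeof n === "number" && Number.isFinite(n);
}
// The unchecked shape: a zero limit yields Infinity and a NaN count propagates.
function unsafeTokensPercent(used: number, maxTokens: number): number {
  return (used / maxTokens) * 100;
}
// Config validation as recommended: limits > 0, cost >= 0, warnAtPercent clamped
// to [0,100] (a non-finite threshold falls back to 100, i.e. warn only when exhausted).
function validateBudgetConfig(cfg: BudgetConfig): BudgetConfig {
  if (!isFiniteNumber(cfg.maxTokens) || cfg.maxTokens <= 0) {
    throw new RangeError(`maxTokens must be > 0 and finite, got ${cfg.maxTokens}`);
  }
  if (!isFiniteNumber(cfg.maxTurns) || cfg.maxTurns <= 0) {
    throw new RangeError(`maxTurns must be > 0 and finite, got ${cfg.maxTurns}`);
  }
  if (!isFiniteNumber(cfg.cost) || cfg.cost < 0) {
    throw new RangeError(`cost must be >= 0 and finite, got ${cfg.cost}`);
  }
  const warnAtPercent = isFiniteNumber(cfg.warnAtPercent)
    ? Math.min(100, Math.max(0, cfg.warnAtPercent)) : 100;
  return { ...cfg, warnAtPercent };
}

// Coercion for record/restore: every quantity must be a non-negative finite number.
function toNonNegativeFinite(value: unknown, name: string): number {
  if (!isFiniteNumber(value) || value < 0) {
    throw new RangeError(`${name} must be >= 0 and finite, got ${String(value)}`);
  }
  return value;
}

// Safe percentage: cfg has passed validateBudgetConfig, so maxTokens > 0 here.
function tokensPercent(state: BudgetState, cfg: BudgetConfig): number {
  return Math.min(100, (state.tokens / cfg.maxTokens) * 100);
}

// restore rebuilds state from an untrusted snapshot; absent fields default to 0.
function restoreState(snap: { tokens?: unknown; turns?: unknown; cost?: unknown }): BudgetState {
  return {
    tokens: toNonNegativeFinite(snap.tokens ?? 0, "tokens"),
    turns: toNonNegativeFinite(snap.turns ?? 0, "turns"),
    cost: toNonNegativeFinite(snap.cost ?? 0, "cost"),
  };
}
```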

Counterpart finding

BudgetCheck.exhausted optional field not provided in early-return when budget disabled (type/contract gap)

low · api-contract · high
  • src/budget.ts:28-36
  • src/budget.ts:86-92
Actually the disabled branch DOES return exhausted: false — that's fine. But the interface declares exhausted as REQUIRED while at least one usage site (formatWarning) destructures `{ warning, ok, tokensPercent, turnsPercent }` and never checks `exhausted`. This is harmless but worth noting only briefly. More importantly: BudgetCheck has `reason?: string` and `exhausted: boolean` — callers cannot tell from the type whether to expect a reason on !ok. No real bug. Withdrawing.

Recommendation

No action; consider documenting that reason is always present when ok=false.

Why this didn't post

This finding didn't meet AntFleet's unanimous agreement threshold. Both frontier models review every PR independently; only findings they both flag with the same severity and category are posted to the PR. This one fell through.
