diff --git a/tools/server/server-tools.cpp b/tools/server/server-tools.cpp index 81e360de46..5078d92e73 100644 --- a/tools/server/server-tools.cpp +++ b/tools/server/server-tools.cpp @@ -10,6 +10,7 @@ #include #include #include +#include namespace fs = std::filesystem; @@ -714,6 +715,24 @@ void server_tools::setup(const std::vector & enabled_tools) { std::unordered_set enabled_set(enabled_tools.begin(), enabled_tools.end()); auto all_tools = build_tools(); + // collect all known tool names for validation + std::vector known_names; + known_names.reserve(all_tools.size()); + for (const auto & t : all_tools) { + known_names.push_back(t->name); + } + + // validate that every requested tool is known + for (const auto & name : enabled_tools) { + if (name == "all") continue; + if (std::find(known_names.begin(), known_names.end(), name) == known_names.end()) { + throw std::runtime_error(string_format( + "unknown tool \"%s\". available tools: %s", + name.c_str(), + string_join(known_names, ", ").c_str())); + } + } + tools.clear(); for (auto & t : all_tools) { if (enabled_set.count(t->name) > 0 || enabled_set.count("all") > 0) { diff --git a/tools/server/server.cpp b/tools/server/server.cpp index 6566949edf..0508f79d73 100644 --- a/tools/server/server.cpp +++ b/tools/server/server.cpp @@ -215,7 +215,12 @@ int main(int argc, char ** argv) { } // EXPERIMENTAL built-in tools if (!params.server_tools.empty()) { - tools.setup(params.server_tools); + try { + tools.setup(params.server_tools); + } catch (const std::exception & e) { + LOG_ERR("%s: tools setup failed: %s\n", __func__, e.what()); + return 1; + } SRV_WRN("%s", "-----------------\n"); SRV_WRN("%s", "Built-in tools are enabled, do not expose server to untrusted environments\n"); SRV_WRN("%s", "This feature is EXPERIMENTAL and may be changed in the future\n");