Fix cross-session task leakage#1486

Status: Open
localden wants to merge 3 commits into main from localden/tasks

Conversation

@localden
@localden localden commented Feb 5, 2026

Fix: Enforce session isolation in InMemoryTaskStore

Problem

The InMemoryTaskStore accepted a sessionId parameter on every method but silently ignored it. This allowed any authenticated client to enumerate all task IDs via tasks/list and read or mutate tasks belonging to other sessions — violating the TaskStore contract which explicitly states sessionId binds operations to a specific session.

Root Cause

Every method parameter was prefixed with _sessionId (unused), and the session was never persisted alongside the stored task. listTasks iterated all task IDs globally without filtering.

Fix

  • Persist sessionId on the StoredTask record at creation time.
  • Add a private getStoredTask(taskId, sessionId) helper that enforces ownership: when both the caller and the stored task have a sessionId, they must match — otherwise the task is treated as not found.
  • Route all public methods (getTask, storeTaskResult, getTaskResult, updateTaskStatus) through this helper.
  • Filter listTasks by session ownership before pagination.
  • Backward compatibility is preserved: when either side omits sessionId, no filtering occurs.

Tests

Added 9 regression tests covering:

  • Cross-session list/read/update/storeResult/getResult all blocked
  • Same-session access works
  • Mixed-session listing returns only owned tasks
  • Backward compat when sessionId is omitted (both directions)
  • Pagination correctness within a session
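The following is an added example, not the SDK's own code, sketching the ownership check this PR describes for InMemoryTaskStore and walking through the scenarios its regression tests cover. The Task shape, the method signatures, and the taskId-based cursor used for pagination are simplifying assumptions; only the names InMemoryTaskStore, StoredTask, getStoredTask, getTask, storeTaskResult, getTaskResult, updateTaskStatus and listTasks come from the PR.

```typescript
// Added example, not the SDK's own code. Task shape, signatures and the
// taskId-based cursor are assumptions made for illustration.

interface Task {
  taskId: string;
  status: string;
}

// Assumed internal record: the fix persists sessionId next to the task.
interface StoredTask {
  task: Task;
  sessionId?: string;
  result?: unknown;
}

interface ListResult {
  tasks: Task[];
  nextCursor?: string;
}

class InMemoryTaskStore {
  private tasks = new Map<string, StoredTask>();

  createTask(taskId: string, sessionId?: string): Task {
    const task: Task = { taskId, status: 'working' };
    this.tasks.set(taskId, { task, sessionId }); // record the owning session
    return task;
  }

  // Ownership check. When both the caller and the stored task carry a
  // sessionId they must match; a mismatch is reported as "not found" so the
  // caller cannot even learn that the task exists. If either side omits the
  // sessionId, no filtering occurs (backward compatibility).
  private getStoredTask(taskId: string, sessionId?: string): StoredTask | undefined {
    const stored = this.tasks.get(taskId);
    if (!stored) return undefined;
    const bothBound = sessionId !== undefined && stored.sessionId !== undefined;
    if (bothBound && stored.sessionId !== sessionId) return undefined;
    return stored;
  }

  getTask(taskId: string, sessionId?: string): Task | undefined {
    return this.getStoredTask(taskId, sessionId)?.task;
  }

  updateTaskStatus(taskId: string, status: string, sessionId?: string): void {
    const stored = this.getStoredTask(taskId, sessionId);
    if (!stored) throw new Error(`Task not found: ${taskId}`);
    stored.task.status = status;
  }

  storeTaskResult(taskId: string, result: unknown, sessionId?: string): void {
    const stored = this.getStoredTask(taskId, sessionId);
    if (!stored) throw new Error(`Task not found: ${taskId}`);
    stored.result = result;
  }

  getTaskResult(taskId: string, sessionId?: string): unknown {
    const stored = this.getStoredTask(taskId, sessionId);
    if (!stored) throw new Error(`Task not found: ${taskId}`);
    return stored.result;
  }

  // Filter by ownership BEFORE paginating, so page boundaries and cursors
  // never expose or skip over another session's tasks.
  listTasks(sessionId?: string, cursor?: string, pageSize = 2): ListResult {
    const owned = Array.from(this.tasks.keys()).filter(
      id => this.getStoredTask(id, sessionId) !== undefined
    );
    let start = 0;
    if (cursor !== undefined) {
      const idx = owned.indexOf(cursor);
      if (idx < 0) throw new Error('Invalid cursor'); // also rejects cursors into other sessions
      start = idx + 1;
    }
    const page = owned.slice(start, start + pageSize);
    const tasks = page.map(id => this.tasks.get(id)!.task);
    const nextCursor = start + pageSize < owned.length ? page[page.length - 1] : undefined;
    return { tasks, nextCursor };
  }
}

// Walks through the scenarios the PR's regression tests describe and returns
// the observations so they can be checked.
function demo() {
  const store = new InMemoryTaskStore();
  store.createTask('t1', 'session-A');
  store.createTask('t2', 'session-B');
  store.createTask('t3', 'session-A');
  store.createTask('t4', 'session-A');
  store.createTask('t5'); // created without a session (legacy caller)

  let crossUpdateBlocked = false;
  try { store.updateTaskStatus('t2', 'completed', 'session-A'); } catch (_e) { crossUpdateBlocked = true; }
  let crossCursorRejected = false;
  try { store.listTasks('session-A', 't2'); } catch (_e) { crossCursorRejected = true; }

  const page1 = store.listTasks('session-A');
  const page2 = store.listTasks('session-A', page1.nextCursor);
  return {
    crossReadBlocked: store.getTask('t1', 'session-B') === undefined,
    sameSessionRead: store.getTask('t1', 'session-A')?.taskId,
    crossUpdateBlocked,
    crossCursorRejected,
    unboundTaskVisibleToAny: store.getTask('t5', 'session-B')?.taskId,
    unboundCallerSeesAll: store.listTasks(undefined, undefined, 10).tasks.length,
    page1Ids: page1.tasks.map(t => t.taskId),
    page2Ids: page2.tasks.map(t => t.taskId),
  };
}
```

Note that under the backward-compatibility rule a task stored without a sessionId (t5 above) remains visible to every session, and a caller that omits sessionId still sees everything; a deployment that wants strict isolation has to make sure every caller supplies a session.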

@localden localden requested a review from a team as a code owner February 5, 2026 21:00
@changeset-bot
changeset-bot bot commented Feb 5, 2026

🦋 Changeset detected

Latest commit: 2c60294

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 1 package:
  • @modelcontextprotocol/core (Patch)

@pkg-pr-new
pkg-pr-new bot commented Feb 5, 2026

@modelcontextprotocol/client

npm i https://pkg.pr.new/modelcontextprotocol/typescript-sdk/@modelcontextprotocol/client@1486

@modelcontextprotocol/server

npm i https://pkg.pr.new/modelcontextprotocol/typescript-sdk/@modelcontextprotocol/server@1486

@modelcontextprotocol/express

npm i https://pkg.pr.new/modelcontextprotocol/typescript-sdk/@modelcontextprotocol/express@1486

@modelcontextprotocol/hono

npm i https://pkg.pr.new/modelcontextprotocol/typescript-sdk/@modelcontextprotocol/hono@1486

@modelcontextprotocol/node

npm i https://pkg.pr.new/modelcontextprotocol/typescript-sdk/@modelcontextprotocol/node@1486

commit: 2c60294

@claude
claude bot commented Feb 5, 2026

Code review

No issues found. Checked for bugs and CLAUDE.md compliance.
