From c3017a255f3c49416b64cbb507a554c296dc81b8 Mon Sep 17 00:00:00 2001
From: zhenyi <434836402@qq.com>
Date: Wed, 10 Jun 2026 18:32:10 +0800
Subject: [PATCH] fix(search): use fixed-string matching to prevent ReDoS

Add -F flag to git grep to disable regex interpretation, preventing catastrophic backtracking from malicious query patterns.
---
 repository/search_files.rs | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/repository/search_files.rs b/repository/search_files.rs
index bc27c7b..b3dd55a 100644
--- a/repository/search_files.rs
+++ b/repository/search_files.rs
@@ -25,7 +25,8 @@ impl GitBare {
             "--git-dir".to_string(),
             self.bare_dir.to_string_lossy().into_owned(),
             "grep".to_string(),
-            "-I".to_string(), // don't match binary files
+            "-F".to_string(),
+            "-I".to_string(),
             "--line-number".to_string(),
             "--column".to_string(),
         ];
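Review bot: The new `-F` line carries no comment recording why fixed-string matching is required, and the rewritten `-I` line drops the `// don't match binary files` comment the removed line had, so the argument list loses both pieces of intent in one hunk. I would write `"-F".to_string(), // fixed-string match: the query is untrusted, never a regex (ReDoS)` and restore `"-I".to_string(), // don't match binary files`. Fixed-string matching only addresses regex cost; the user query itself is appended outside this hunk, and if it is not passed via `-e` or after a `--` separator, a query that begins with `-` would presumably still be parsed by git grep as an option, which is worth confirming in the caller. The enclosing method of `impl GitBare` starts before and ends after this hunk.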