From 19a66ab0cb1093a1c4f4064302909712ab5ef10d Mon Sep 17 00:00:00 2001
From: root <root@DESKTOP-V9DGVF3.localdomain>
Date: Tue, 20 Jan 2026 13:28:52 +0400
Subject: [PATCH] fix: handle TOCTOU race condition in file watcher

During the file processing in process_files, there was a time-of-check to time-of-use
(TOCTOU) race condition where a file could be deleted between path.exists() check and
read_to_string() call.

This commit handles ErrorKind::NotFound error when reading the file. If the file is not found,
we assume it was deleted and remove it from the index, similar to how explicit deletion events are handled.

Fixes PlatformNetwork/bounty-challenge#90
---
 src/watcher.rs | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/src/watcher.rs b/src/watcher.rs
index 816219f..71b3521 100644
--- a/src/watcher.rs
+++ b/src/watcher.rs
@@ -315,6 +315,20 @@ impl FileWatcher {
             // File was created or modified
             let content = match std::fs::read_to_string(path) {
                 Ok(c) => c,
+                Err(e) if e.kind() == std::io::ErrorKind::NotFound => {
+                    // File was deleted between check and read (TOCTOU)
+                    if let Some(entry) = db.get_file_by_path(path)? {
+                        db.delete_file(entry.id)?;
+                        println!(
+                            "  {} {} {} {}",
+                            style("[-]").red(),
+                            style("removed").red(),
+                            style(filename).dim(),
+                            style("(race condition handled)").dim()
+                        );
+                    }
+                    continue;
+                }
                 Err(_) => continue, // Skip binary or unreadable files
             };