From 5d044dfcce6b700793f6292d17a37df9193db7b3 Mon Sep 17 00:00:00 2001
From: JEAN REGIS <240509606@firat.edu.tr>
Date: Wed, 1 Apr 2026 20:46:38 +0300
Subject: [PATCH] fix(findrive): reject negative limit in search_files before
 DB call

Root cause:
search_files forwarded unvalidated limit to repo.search_files(), allowing
negative values to reach the DB layer with undefined LIMIT behavior.

Solution:
Add early return with error dict when limit < 0, matching the validation
pattern used in upload_file.

Impact:
Deterministic error response for invalid input; zero change to valid path.

Signed-off-by: JEAN REGIS <240509606@firat.edu.tr>
---
 finbot/mcp/servers/findrive/server.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/finbot/mcp/servers/findrive/server.py b/finbot/mcp/servers/findrive/server.py
index 3a95ee3b..ebbc40e8 100644
--- a/finbot/mcp/servers/findrive/server.py
+++ b/finbot/mcp/servers/findrive/server.py
@@ -177,6 +177,9 @@ def search_files(query: str, limit: int = 20) -> dict[str, Any]:
         Returns documents whose filename or extracted text matches the query.
         Useful for finding relevant invoice PDFs and supporting documents.
         """
+        if limit < 0:
+            return {"error": f"limit must be non-negative, got {limit}"}
+
         with db_session() as db:
             repo = FinDriveFileRepository(db, session_context)
             files = repo.search_files(query, limit=limit)