fix: handle crypto/rand.Read error in ID generation (gt-qysj9)

Panic if crypto/rand.Read fails rather than silently returning zero IDs which could cause message collisions.
2026-01-04 23:58:19 -08:00
parent 820ff17f9a
commit 117e6a1852
1 changed files with 6 additions and 2 deletions
--- a/internal/mail/types.go
+++ b/internal/mail/types.go
@@ -144,14 +144,18 @@ func NewReplyMessage(from, to, subject, body string, original *Message) *Message
 // generateID creates a random message ID.
 func generateID() string {
 	b := make([]byte, 8)
-	_, _ = rand.Read(b) // crypto/rand.Read only fails on broken system
+	if _, err := rand.Read(b); err != nil {
+		panic("crypto/rand.Read failed: " + err.Error())
+	}
 	return "msg-" + hex.EncodeToString(b)
 }

 // generateThreadID creates a random thread ID.
 func generateThreadID() string {
 	b := make([]byte, 6)
-	_, _ = rand.Read(b) // crypto/rand.Read only fails on broken system
+	if _, err := rand.Read(b); err != nil {
+		panic("crypto/rand.Read failed: " + err.Error())
+	}
 	return "thread-" + hex.EncodeToString(b)
 }