From 8f79e5dc57c22ce062af5d514ec1810d2ae37d4c Mon Sep 17 00:00:00 2001
From: xjdeng
Date: Tue, 9 Jun 2026 14:50:59 +0800
Subject: [PATCH] fix(config): reject non-object raw yaml
---
 ui/server/services/pilotdeckConfig.js | 6 +++++-
 ui/server/services/pilotdeckConfig.raw-yaml.test.js | 10 ++++++++++
 2 files changed, 15 insertions(+), 1 deletion(-)
 create mode 100644 ui/server/services/pilotdeckConfig.raw-yaml.test.js
diff --git a/ui/server/services/pilotdeckConfig.js b/ui/server/services/pilotdeckConfig.js
index 430dcbbd..07428103 100644
--- a/ui/server/services/pilotdeckConfig.js
+++ b/ui/server/services/pilotdeckConfig.js
@@ -601,5 +601,9 @@ export function rawYamlToMaskedString(rawYaml) {
 }

 export function parseConfigYaml(raw) {
- return normalizePilotDeckConfig(parseYaml(raw) || {});
+ const parsed = parseYaml(raw);
+ if (!parsed || typeof parsed !== 'object' || Array.isArray(parsed)) {
+ throw new Error('raw YAML must parse to an object');
+ }
+ return normalizePilotDeckConfig(parsed);
 }
diff --git a/ui/server/services/pilotdeckConfig.raw-yaml.test.js b/ui/server/services/pilotdeckConfig.raw-yaml.test.js
new file mode 100644
index 00000000..c243ec59
--- /dev/null
+++ b/ui/server/services/pilotdeckConfig.raw-yaml.test.js
@@ -0,0 +1,10 @@
+import { describe, expect, it } from 'vitest';
+import { parseConfigYaml } from './pilotdeckConfig.js';
+
+describe('parseConfigYaml', () => {
+ it('rejects raw YAML whose root is not an object', () => {
+ expect(() => parseConfigYaml('[]')).toThrow('raw YAML must parse to an object');
+ expect(() => parseConfigYaml('null')).toThrow('raw YAML must parse to an object');
+ expect(() => parseConfigYaml('plain')).toThrow('raw YAML must parse to an object');
+ });
+});
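Review bot: The new guard in `parseConfigYaml` also throws for an empty document, which the removed `parseYaml(raw) || {}` fallback normalised as an empty config; presumably `parseYaml` returns a nullish value for blank input just as it does for `null`. If a blank config file is a legitimate state (first run, cleared file), short-circuit it before the type check, e.g. `if (typeof raw === 'string' && raw.trim() === '') return normalizePilotDeckConfig({});`, and otherwise record the rejection in a JSDoc line on the function. The bare `Error` is also indistinguishable from a parser failure, so a caller that maps bad input to a 4xx response has only the message text to match on; a `code` property or a dedicated error class would give it something stable.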
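Review bot: The new test pins only the three throwing inputs, so it would still pass if the guard were later tightened until valid mappings were rejected as well. Add one accepting case, e.g. `expect(() => parseConfigYaml('{}')).not.toThrow();` (the old fallback handed `{}` to the normaliser, so this should hold), and one case for the empty string so the intended handling of a blank file is recorded either way.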