fix: handle non-UTF-8 bytes in stdio server stdin

TextIOWrapper defaults to errors='strict', which raises
UnicodeDecodeError when stdin contains bytes that are not valid UTF-8.
This exception occurs during 'async for line in stdin' iteration, which
is outside the JSON-parsing try/except block, so it propagates through
the task group and terminates the server process.

With errors='replace', invalid bytes are converted to U+FFFD. The
resulting line then fails JSON validation, which is already caught and
sent into the read stream as an exception for the session layer to
handle - the same path as any other malformed input.

Author: maxisbey

src/mcp/server/stdio.py

@@ -39,7 +39,7 @@ async def stdio_server(stdin: anyio.AsyncFile[str] | None = None, stdout: anyio.
     # python is platform-dependent (Windows is particularly problematic), so we
     # re-wrap the underlying binary stream to ensure UTF-8.
     if not stdin:
-        stdin = anyio.wrap_file(TextIOWrapper(sys.stdin.buffer, encoding="utf-8"))
+        stdin = anyio.wrap_file(TextIOWrapper(sys.stdin.buffer, encoding="utf-8", errors="replace"))
     if not stdout:
         stdout = anyio.wrap_file(TextIOWrapper(sys.stdout.buffer, encoding="utf-8"))
 

tests/server/test_stdio.py

@@ -1,4 +1,6 @@
 import io
+import sys
+from io import TextIOWrapper
 
 import anyio
 import pytest
@@ -59,3 +61,36 @@ async def test_stdio_server():
     assert len(received_responses) == 2
     assert received_responses[0] == JSONRPCRequest(jsonrpc="2.0", id=3, method="ping")
     assert received_responses[1] == JSONRPCResponse(jsonrpc="2.0", id=4, result={})
+
+
+@pytest.mark.anyio
+async def test_stdio_server_invalid_utf8(monkeypatch: pytest.MonkeyPatch):
+    """Non-UTF-8 bytes on stdin must not crash the server.
+
+    Invalid bytes are replaced with U+FFFD, which then fails JSON parsing and
+    is delivered as an in-stream exception. Subsequent valid messages must
+    still be processed.
+    """
+    # \xff\xfe are invalid UTF-8 start bytes.
+    valid = JSONRPCRequest(jsonrpc="2.0", id=1, method="ping")
+    raw_stdin = io.BytesIO(b"\xff\xfe\n" + valid.model_dump_json(by_alias=True, exclude_none=True).encode() + b"\n")
+
+    # Replace sys.stdin with a wrapper whose .buffer is our raw bytes, so that
+    # stdio_server()'s default path wraps it with errors='replace'.
+    monkeypatch.setattr(sys, "stdin", TextIOWrapper(raw_stdin, encoding="utf-8"))
+    monkeypatch.setattr(sys, "stdout", TextIOWrapper(io.BytesIO(), encoding="utf-8"))
+
+    with anyio.fail_after(5):
+        async with stdio_server() as (read_stream, write_stream):
+            await write_stream.aclose()
+            async with read_stream:
+                it = read_stream.__aiter__()
+
+                # First line: \xff\xfe -> U+FFFD U+FFFD -> JSON parse fails -> exception in stream
+                first = await it.__anext__()
+                assert isinstance(first, Exception)
+
+                # Second line: valid message still comes through
+                second = await it.__anext__()
+                assert isinstance(second, SessionMessage)
+                assert second.message == valid