Stowage/caddy
2
0
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2025-10-19 15:53:17 +00:00
Code Issues Projects Releases Packages Wiki Activity

fix: resolve linter and test issues - Fix GCI import formatting issues - Fix MultiRegexpFilter input size limit test by ensuring output doesn't exceed max length after each operation - All tests now pass and linter issues resolved

Browse source
This commit is contained in:
s2010 2025-06-14 14:21:45 +03:00 committed by Francis Lavoie
parent 50d81bae87
commit d5fe1f31ad
1 changed files with 6 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

7
modules/logging/filters.go
View file

@ -660,7 +660,7 @@ type MultiRegexpFilter struct {
// Security constants // Security constants
const ( const (
maxRegexpOperations = 50 // Maximum operations to prevent resource exhaustion maxRegexpOperations = 50 // Maximum operations to prevent resource exhaustion
maxPatternLength = 1000 // Maximum pattern length to prevent abuse maxPatternLength = 1000 // Maximum pattern length to prevent abuse
) )
@ -810,6 +810,11 @@ func (f *MultiRegexpFilter) processString(s string) string {
// Each regexp operation is applied sequentially // Each regexp operation is applied sequentially
// Using RE2 engine which is safe from ReDoS attacks // Using RE2 engine which is safe from ReDoS attacks
result = op.regexp.ReplaceAllString(result, op.Value) result = op.regexp.ReplaceAllString(result, op.Value)
// Ensure result doesn't exceed max length after each operation
if len(result) > maxInputLength {
result = result[:maxInputLength]
}
} }
return result return result
} }