Skip to content

Commit

Permalink
fix: additional input validation for CVE graphQL query (#2408)
Browse files Browse the repository at this point in the history
It is possible to ask for a very large limit size which can exhaust
memory.

Signed-off-by: Ramkumar Chinchani <[email protected]>
  • Loading branch information
rchincha authored Apr 24, 2024
1 parent 7b1fc04 commit 186855b
Show file tree
Hide file tree
Showing 3 changed files with 24 additions and 0 deletions.
1 change: 1 addition & 0 deletions errors/errors.go
Original file line number Diff line number Diff line change
Expand Up @@ -117,6 +117,7 @@ var (
ErrEmptyDigest = errors.New("digest can't be empty string")
ErrInvalidRepoRefFormat = errors.New("invalid image reference format, use [repo:tag] or [repo@digest]")
ErrLimitIsNegative = errors.New("pagination limit has negative value")
ErrLimitIsExcessive = errors.New("pagination limit has excessive value")
ErrOffsetIsNegative = errors.New("pagination offset has negative value")
ErrSortCriteriaNotSupported = errors.New("the pagination sort criteria is not supported")
ErrMediaTypeNotSupported = errors.New("media type is not supported")
Expand Down
6 changes: 6 additions & 0 deletions pkg/extensions/search/cve/pagination.go
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,8 @@ type CvePageFinder struct {
pageBuffer []cvemodel.CVE
}

const maxCvePageLimit = 4 * 1024

func NewCvePageFinder(limit, offset int, sortBy cvemodel.SortCriteria) (*CvePageFinder, error) {
if sortBy == "" {
sortBy = SeverityDsc
Expand All @@ -71,6 +73,10 @@ func NewCvePageFinder(limit, offset int, sortBy cvemodel.SortCriteria) (*CvePage
return nil, zerr.ErrLimitIsNegative
}

if limit > maxCvePageLimit {
return nil, zerr.ErrLimitIsExcessive
}

if offset < 0 {
return nil, zerr.ErrOffsetIsNegative
}
Expand Down
17 changes: 17 additions & 0 deletions pkg/extensions/search/cve/pagination_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -415,6 +415,23 @@ func TestCVEPagination(t *testing.T) {
previousSeverity = severityToInt[cve.Severity]
}
})
Convey("bad limits", func() {
_, _, _, err := cveInfo.GetCVEListForImage(ctx, "repo1", "0.1.0", "", "", "", cvemodel.PageInput{
Limit: -1,
Offset: 3,
SortBy: cveinfo.AlphabeticAsc,
},
)
So(err, ShouldNotBeNil)

_, _, _, err = cveInfo.GetCVEListForImage(ctx, "repo1", "0.1.0", "", "", "", cvemodel.PageInput{
Limit: 4097,
Offset: 3,
SortBy: cveinfo.AlphabeticAsc,
},
)
So(err, ShouldNotBeNil)
})
})
})
}

0 comments on commit 186855b

Please sign in to comment.