Limit regex remap substitutions#13139
Open
bneradt wants to merge 1 commit into
Open
Conversation
Regex remap targets could repeat valid substitution markers enough times to exceed the fixed substitution arrays, even when every marker referred to an allowed capture group. This rejects targets with more substitution markers than the parser can store and covers the boundary with remap parser unit tests.
Member
|
[approve ci] |
Contributor
There was a problem hiding this comment.
Pull request overview
This PR hardens regex remap parsing by enforcing an upper bound on the number of substitution markers ($0..$9) allowed in a regex remap target, preventing overflow of the fixed-size substitution arrays in UrlRewrite::RegexMapping. It also adds unit tests that exercise the boundary condition (max allowed vs. one over the limit).
Changes:
- Reject regex remap targets whose host template contains more than
UrlRewrite::MAX_REGEX_SUBSsubstitution markers. - Add unit tests validating that parsing succeeds at the limit and fails when exceeding it.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
src/proxy/http/remap/unit-tests/test_RemapRules.cc |
Adds boundary unit tests for regex remap substitution marker count. |
src/proxy/http/remap/RemapConfig.cc |
Adds a guard to fail parsing when substitution markers exceed MAX_REGEX_SUBS. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Regex remap targets could repeat valid substitution markers enough times
to exceed the fixed substitution arrays, even when every marker referred
to an allowed capture group.
This rejects targets with more substitution markers than the parser can
store and covers the boundary with remap parser unit tests.