Mirrors/coredns
1
0
Fork 0
mirror of https://github.com/coredns/coredns.git synced 2026-01-13 12:21:18 -05:00
Code Issues Packages Projects Releases Wiki Activity

fix(plugins): add regex length limit (#7802)

Browse Source
This commit is contained in:
Ville Vesilehto
2026-01-05 19:48:48 +02:00
committed by GitHub
parent adba778626
commit b723bd94d4
15 changed files with 117 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
plugin/errors/setup.go
View File

@@ -9,6 +9,10 @@ import (
"github.com/coredns/coredns/plugin"
)
// maxRegexpLen is a hard limit on the length of a regex pattern to prevent
// OOM during regex compilation with malicious input.
const maxRegexpLen = 10000
func init() { plugin.Register("errors", setup) }
func setup(c *caddy.Controller) error {
@@ -78,6 +82,9 @@ func parseConsolidate(c *caddy.Controller) (*pattern, error) {
if err != nil {
return nil, c.Err(err.Error())
}
if len(args[1]) > maxRegexpLen {
return nil, c.Errf("regex pattern too long: %d > %d", len(args[1]), maxRegexpLen)
}
re, err := regexp.Compile(args[1])
if err != nil {
return nil, c.Err(err.Error())