Mirrors/coredns
1
0
Fork 0
mirror of https://github.com/coredns/coredns.git synced 2025-12-11 12:55:11 -05:00
Code Issues Packages Projects Releases Wiki Activity

fix(auto): limit regex length (#7737)

Browse Source 
A very large regex for the auto plugin in the Corefile could cause
CoreDNS to OOM. This change adds an artificial limit of 10k characters
for the regex pattern. Fixes OSS-Fuzz finding #466745384.

Signed-off-by: Ville Vesilehto <ville@vesilehto.fi>
This commit is contained in:
Ville Vesilehto
2025-12-08 03:04:55 +02:00
committed by GitHub
parent 3c8b846213
commit e5cd796648
3 changed files with 24 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
plugin/auto/setup.go
View File

@@ -18,6 +18,8 @@ import (
var log = clog.NewWithPlugin("auto")
const maxRegexpLen = 10000
func init() { plugin.Register("auto", setup) }
func setup(c *caddy.Controller) error {
@@ -126,6 +128,9 @@ func autoParse(c *caddy.Controller) (Auto, error) {
// regexp template
if c.NextArg() {
if len(c.Val()) > maxRegexpLen {
return a, c.Errf("regexp too large")
}
a.re, err = regexp.Compile(c.Val())
if err != nil {
return a, err