lots of stuff #138
this also updates a couple other vulnerable modules
fix(web/organization): correct api endpoint
fix(web/data): ui imports
feat: clickhouse logs w/ kafka
chore: update readme & env.template
chore(web): turn off only-export-components eslint
Feat/dataset and logs
feat(app): improve auth
---
updated-dependencies:
- dependency-name: react-hook-form
  dependency-version: 7.60.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
* Redesign organization select page to match app.fivemanage.com
* Add comments
* Comments
* Comments
…anization is created (#75)
…act-hook-form-7.60.0
| var fileType string | ||
|
|
||
| // Get the file type from the header | ||
| buf := make([]byte, fileHeader.Size) |
Check failure
Code scanning / CodeQL
Slice memory allocation with excessive size value (High)
This memory allocation depends on a user-provided value
Copilot Autofix
AI about 1 month ago
To address this vulnerability, introduce a maximum allowed size for file allocations when determining the buffer size for reading the file content. Before performing make([]byte, fileHeader.Size), check whether fileHeader.Size is within acceptable minimum (e.g., greater than zero) and maximum bounds (e.g., a reasonably small upper limit such as 10MB). If the Size is negative, zero, or exceeds your defined maximum, return an error instead of allocating the slice. The best place for this check is just before line 16 in internal/http/httputil/mime.go inside the GetMimeDetails function. You may also want to define the maximum allowed file size as a constant at the top of the file. No new imports or method definitions are needed.
| @@ -8,10 +8,17 @@ | ||
| "github.com/gabriel-vasile/mimetype" | ||
| ) | ||
|
|
||
| const MaxMimeReadSize = 10 * 1024 * 1024 // 10MB maximum for mime detection | ||
|
|
||
| func GetMimeDetails(fileHeader *multipart.FileHeader, file multipart.File) (string, string, string, error) { | ||
| var err error | ||
| var fileType string | ||
|
|
||
| // Check that file size is reasonable before reading | ||
| if fileHeader.Size <= 0 || fileHeader.Size > MaxMimeReadSize { | ||
| return "", "", "", fmt.Errorf("file size %d exceeds allowed limit", fileHeader.Size) | ||
| } | ||
|
|
||
| // Get the file type from the header | ||
| buf := make([]byte, fileHeader.Size) | ||
| _, err = file.Read(buf) |
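Review bot: the guard `if fileHeader.Size <= 0 || fileHeader.Size > MaxMimeReadSize` turns a mime-detection read limit into an upload-size policy: any part over 10MB is rejected outright, and an empty part fails with a message claiming it "exceeds allowed limit". If the goal is only to bound the allocation, cap the read instead of rejecting (`n := min(fileHeader.Size, MaxMimeReadSize)` then `buf := make([]byte, n)`), since a few KB is enough for type detection, and keep the real upload ceiling in one place. Separately, `_, err = file.Read(buf)` may fill only part of `buf` in a single call, so prefer `io.ReadFull` (treating `io.ErrUnexpectedEOF` as a short part), check `err` before handing `buf` to the detector, and `Seek(0, io.SeekStart)` afterwards because the read advances the offset that the storage step will consume next.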
|
|
||
| mime := mimetype.Detect(buf) | ||
| key := fmt.Sprintf("%s/%s.%s", fileType, filename, mime.Extension()) | ||
| buf := make([]byte, header.Size) |
Check failure
Code scanning / CodeQL
Slice memory allocation with excessive size value (High)
This memory allocation depends on a user-provided value
Copilot Autofix
AI about 1 month ago
To fix this vulnerability, the function allocating the slice (encode) must not blindly trust header.Size. It should enforce a reasonable maximum limit (e.g., 32MB or less, based on system needs and policies), and return an error if the file is too large.
- In internal/service/file/file_service.go, inside func (s *Service) encode(file multipart.File, header *multipart.FileHeader), before the slice allocation (line 234), add a check that header.Size is within an acceptable range (e.g., header.Size <= MAX_SIZE && header.Size >= 0). If it's not, return an error.
- Define a suitable const maxUploadSize in the file.
- No new imports are needed, only an error return if the file size is exceeded.
- The rest of the function can remain unchanged.
| @@ -17,6 +17,9 @@ | ||
| "github.com/uptrace/bun" | ||
| ) | ||
|
|
||
|
|
||
| const maxUploadSize = 32 << 20 // 32 MB, adjust as needed | ||
|
|
||
| type Service struct { | ||
| db *bun.DB | ||
| storage storage.StorageLayer | ||
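Review bot: `const maxUploadSize = 32 << 20` and the 10MB `MaxMimeReadSize` proposed for internal/http/httputil/mime.go set two different ceilings on the same upload; whichever check runs first wins, and a client will see inconsistent limits and messages depending on the path. Derive both from one constant (or have the mime helper cap its read rather than reject) so there is a single documented maximum. Also, the import block in this hunk shows only `"github.com/uptrace/bun"` while the later hunk calls `errors.New`; confirm `errors` is already imported, since the suggestion asserts no new imports are needed but the visible lines do not show it.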
| @@ -231,6 +234,10 @@ | ||
| return nil, err | ||
| } | ||
|
|
||
| if header.Size < 0 || header.Size > maxUploadSize { | ||
| return nil, errors.New("uploaded file size exceeds the allowed maximum") | ||
| } | ||
|
|
||
| buf := make([]byte, header.Size) | ||
| _, err := file.Read(buf) | ||
| if err != nil { |
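Review bot: the check `if header.Size < 0 || header.Size > maxUploadSize` bounds the allocation, but `buf := make([]byte, header.Size)` still copies the entire part into memory, which is 32MB per in-flight request under concurrent uploads; consider streaming `file` to the storage layer, wrapping it in `io.LimitReader(file, maxUploadSize+1)` to detect oversize parts, instead of buffering. If buffering stays, `_, err := file.Read(buf)` should be `io.ReadFull(file, buf)`, because a single `Read` may legitimately return fewer than `len(buf)` bytes with a nil error, leaving the tail of `buf` as zeros that would then be stored as file content. Including the size and the limit in the error message would also make the rejection actionable for clients.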
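Both CodeQL findings above stem from sizing a buffer by the declared part size. As an added example (not code from this PR or the project), here is a bounded type-detection helper that caps the read at a fixed prefix, uses io.ReadFull so a short part is handled, and rewinds the stream for the next consumer; it assumes an io.ReadSeeker (multipart.File satisfies it) and swaps in the standard library's http.DetectContentType for the mimetype package used on the page so it runs offline.

```go
package main

import (
	"bytes"
	"errors"
	"fmt"
	"io"
	"net/http"
)

// maxSniffSize caps how much of an upload is buffered for type detection.
// Assumed value for this example; http.DetectContentType uses at most 512 bytes.
const maxSniffSize = 512

// ErrEmptyUpload is returned when the part declares a size but carries no data.
var ErrEmptyUpload = errors.New("uploaded file is empty")

// sniffContentType reads at most maxSniffSize bytes from f, detects the content
// type, and rewinds f so the storage step still sees the whole stream. declaredSize
// (multipart.FileHeader.Size in the project) only sizes the buffer, never more.
func sniffContentType(f io.ReadSeeker, declaredSize int64) (string, error) {
	if declaredSize <= 0 {
		return "", ErrEmptyUpload
	}
	n := declaredSize
	if n > maxSniffSize {
		n = maxSniffSize // bound the allocation regardless of the declared size
	}
	buf := make([]byte, n)
	// io.ReadFull keeps reading until buf is full, unlike a single Read call.
	read, err := io.ReadFull(f, buf)
	switch {
	case errors.Is(err, io.EOF):
		return "", ErrEmptyUpload // a size was declared but nothing arrived
	case err != nil && !errors.Is(err, io.ErrUnexpectedEOF):
		return "", fmt.Errorf("reading upload prefix: %w", err)
	}
	// The detector consumed the prefix; put the offset back for the next reader.
	if _, err := f.Seek(0, io.SeekStart); err != nil {
		return "", fmt.Errorf("rewinding upload: %w", err)
	}
	return http.DetectContentType(buf[:read]), nil
}

func main() {
	// Constructed sample: PNG signature plus padding, with a wildly inflated declared size.
	sample := append([]byte("\x89PNG\r\n\x1a\n"), bytes.Repeat([]byte{0}, 100)...)
	ct, err := sniffContentType(bytes.NewReader(sample), 1<<40)
	fmt.Println(ct, err) // image/png <nil>
}
```

The declared size of 1 TiB never reaches the allocator, and the short read is reported as io.ErrUnexpectedEOF rather than failing the request.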
| name: Lint frontend | ||
| runs-on: ubuntu-latest | ||
| defaults: | ||
| run: | ||
| working-directory: ./web | ||
|
|
||
| strategy: | ||
| matrix: | ||
| node-version: [22] | ||
|
|
||
| steps: | ||
| - uses: actions/checkout@v4 | ||
|
|
||
| - name: Install pnpm | ||
| uses: pnpm/action-setup@v4 | ||
| with: | ||
| version: 10 | ||
|
|
||
| - name: Use Node.js ${{ matrix.node-version }} | ||
| uses: actions/setup-node@v4 | ||
| with: | ||
| node-version: ${{ matrix.node-version }} | ||
| cache-dependency-path: ./web/pnpm-lock.yaml | ||
| cache: 'pnpm' | ||
|
|
||
| - name: Install dependencies | ||
| run: pnpm install | ||
|
|
||
| - name: Run lint | ||
| run: pnpm lint | ||
|
|
||
| lint_backend: |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Copilot Autofix
AI about 1 month ago
To fix the problem, add a permissions block to the lint_frontend job in .github/workflows/lint.yml, matching the minimal set required for the job: contents: read. This should be placed on the same level as other job keys like runs-on and defaults. By setting permissions: contents: read, we ensure the job cannot inadvertently write to repository contents or access other scopes unnecessarily. No further changes are needed, as this addition does not affect job functionality.
| @@ -10,6 +10,8 @@ | ||
| lint_frontend: | ||
| name: Lint frontend | ||
| runs-on: ubuntu-latest | ||
| permissions: | ||
| contents: read | ||
| defaults: | ||
| run: | ||
| working-directory: ./web |
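Review bot: `permissions: contents: read` on `lint_frontend` is the right minimum for a checkout-and-lint job, but `lint_backend` (visible at the end of the earlier snippet) gets no such block and keeps the default token scopes; set `permissions: contents: read` once at the workflow top level so both jobs inherit it, overriding per job only where more is needed. Since the token is handed to `actions/checkout@v4`, `pnpm/action-setup@v4` and `actions/setup-node@v4`, pinning those to full commit SHAs rather than mutable tags would complement this least-privilege change.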
No description provided.