
security: stricter sanitizers for partial-ssrf and log-injection follow-ups #174

Merged: prsasattms merged 1 commit into main from fix/code-scanning-followup on Jun 3, 2026


@prsasattms

Collaborator

Follow-up to #173. The CodeQL re-scan on main after #173 merged closed all 15 original alerts but opened 5 new ones at the same locations because the fix patterns weren't strict enough:

  • 3x py/partial-ssrf at api/api.py:1146/1183/1195: urllib.parse.quote(value, safe='') percent-encodes but CodeQL doesn't treat it as a sanitizer (the value still flows into the URL).
  • 2x py/log-injection at docgrok/admin.py:328/340 — new logger.exception(...) calls pass model_id (user-controlled) directly into the log format string.

Fix

  • api/security_utils.py: new safe_agent_segment(value) helper that validates against a strict regex allowlist (^[A-Za-z0-9_.+@-]{1,256}$) and raises ValueError otherwise. Accepts UPNs/emails/GUIDs/IDs but rejects /?# and control chars. Returns the value unchanged — the regex itself is the sanitizer CodeQL recognizes.
  • api/api.py: all 4 agent-proxy endpoints (sessions list/get/delete/approvals) now use safe_agent_segment wrapped in try/except → HTTP 400 on bad input.
  • docgrok/admin.py: model_id is sanitized via .replace('\r',' ').replace('\n',' ')[:128] before being passed to logger.exception.

Verification

Will be confirmed by the post-merge CodeQL re-scan: expected = 0 open alerts on main.

…ow-ups

Add safe_agent_segment() helper that validates caller-id and session-id
via a strict regex allowlist (alphanum + _.+@- only). CodeQL recognizes
regex-anchored allowlists as proper sanitizers; the previous quote(safe='')
approach only percent-encoded, which CodeQL still considered tainted for
partial-ssrf because the value still flowed into the URL.

Also sanitize model_id before logger.exception() in docgrok/admin.py to
address the two new py/log-injection alerts.

Follow-up to PR #173. Resolves 5 alerts opened by that PR.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@prsasattms prsasattms merged commit 61d76b4 into main Jun 3, 2026
10 checks passed
@prsasattms prsasattms deleted the fix/code-scanning-followup branch June 3, 2026 15:32
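
An added example (not the project's code) of the two sanitizers this PR describes: the allowlist check for URL path segments, shown beside what quote(safe='') does to the same input, and the CR/LF stripping for log fields. The build_session_url layout, the safe_log_field and accepted helpers, and the sample inputs are assumptions; the dot-segment rejection goes beyond what the PR states.

```python
import re
from urllib.parse import quote

# Allowlist character class quoted in the PR description; anchoring is done by fullmatch().
_SEGMENT_RE = re.compile(r"[A-Za-z0-9_.+@-]{1,256}")

def safe_agent_segment(value: str) -> str:
    """Return value unchanged if it is a safe single URL path segment, else raise ValueError."""
    # fullmatch() rather than match() with ^...$: in Python, `$` also matches
    # just before a trailing "\n", so "abc\n" would otherwise be accepted.
    if not isinstance(value, str) or not _SEGMENT_RE.fullmatch(value):
        raise ValueError("invalid path segment")
    # Extra check added in this example (not on the page): dot-segments are made
    # only of allowed characters but are rewritten by URL normalisation.
    if value in (".", ".."):
        raise ValueError("invalid path segment")
    return value

def safe_log_field(value: object, limit: int = 128) -> str:
    """Replace CR/LF with spaces and truncate, as the PR does for model_id."""
    return str(value).replace("\r", " ").replace("\n", " ")[:limit]

def build_session_url(base: str, caller_id: str, session_id: str) -> str:
    """Hypothetical URL layout; only validated segments reach the URL."""
    return f"{base}/callers/{safe_agent_segment(caller_id)}/sessions/{safe_agent_segment(session_id)}"

def accepted(value: str) -> bool:
    """True when safe_agent_segment() lets the value through."""
    try:
        safe_agent_segment(value)
        return True
    except ValueError:
        return False

# Constructed sample inputs.
SAMPLES = ["user@example.com", "3f2b8c1e-9a4d-4e6f-8b7a-0c1d2e3f4a5b",
           "a/b", "id?x=1", "id#frag", "abc\n", "..", "", "x" * 257]

if __name__ == "__main__":
    for s in SAMPLES:
        # quote() rewrites the value; the allowlist accepts it unchanged or refuses it.
        print(f"{s[:40]!r:45} quoted={quote(s, safe='')[:30]!r:35} accepted={accepted(s)}")
    print(safe_log_field("m1\r\nINFO forged entry"))
```

In an endpoint, the ValueError is what gets translated into the HTTP 400 the PR mentions.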