@Sceat Sceat commented Nov 6, 2025

Summary

Implements critical security fixes identified in the architecture audit:

CRITICAL Fixes (Priority 1)

  • Lambda adapter: Added try-catch for JSON.parse() to prevent unhandled exceptions (DoS vector)
  • All adapters: Request body validation with 100KB query size limit (prevents memory exhaustion attacks)
  • Base handler: build_context timeout wrapper (5s default) prevents hanging requests

Implementation Details

New validation module (src/validation.js):

  • validate_request_body(): Validates request structure, type checks, size limits
  • with_timeout(): Wrapper function for Promise timeout protection

Updated adapters:

  • All 4 adapters (Koa, Fastify, Lambda, TinyHttp) now validate input at entry point
  • Early return pattern with null values prevents further processing after validation errors
  • Consistent error handling across all adapters

Test-Driven Development:

  • Added 6 new tests covering all validation scenarios
  • Tests for: JSON parse errors, size limits, timeouts, malformed input
  • All tests follow TDD RED → GREEN → REFACTOR cycle

Test Results

✓ 33/33 tests passing
✓ Coverage: 86.68% stmts, 80% branch, 73.68% funcs
✓ All coverage thresholds met (75%+ lines, 70%+ branches/functions)

Security Impact

Addresses the following vulnerabilities:

  1. DoS via malformed JSON (Lambda) - CRITICAL
  2. Memory exhaustion via large queries - CRITICAL
  3. Request hanging via slow context builders - HIGH
  4. Type confusion attacks - HIGH

Breaking Changes

None. All changes are backward compatible.


🤖 Generated with Claude Code

@Sceat Sceat requested a review from DeltaEvo as a code owner November 6, 2025 18:50
…tion

Implements critical security fixes identified in architecture audit:

**CRITICAL Fixes**:
- Lambda: Added try-catch for JSON.parse to prevent unhandled exceptions (DoS vector)
- All adapters: Request body validation with 100KB query size limit (memory exhaustion protection)
- Base: build_context timeout wrapper (5s default) prevents hanging requests

**Implementation**:
- New validation.js module with validate_request_body() and with_timeout()
- All adapters (Koa, Fastify, Lambda, TinyHttp) now validate input at entry point
- Early return pattern with null values prevents further processing after validation errors
- TDD approach: Added 6 new tests covering all validation scenarios

**Test Coverage**:
- 33/33 tests passing
- Coverage: 86.68% stmts, 80% branch, 73.68% funcs (all above thresholds)
- New tests: JSON parse errors, size limits, timeouts, malformed input

Addresses Priority 1 (CRITICAL) and Priority 2 (HIGH) issues from architecture audit.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
@Sceat Sceat merged commit 9b544f3 into edge Nov 6, 2025
2 of 3 checks passed
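
The three fixes listed in the PR description (guarded JSON.parse, the 100KB query limit, the build_context timeout), as an added JavaScript example that is not the project's src/validation.js. The names validate_request_body and with_timeout come from the description; parse_lambda_body, handle, all signatures, the `variables` field, the error messages and the status codes are assumptions.

```javascript
// Added example. Only the names validate_request_body and with_timeout come from
// the PR text; signatures, return shapes, messages and status codes are assumptions.
const MAX_QUERY_BYTES = 100 * 1024 // the 100KB query limit stated in the PR

// Lambda passes the body as a raw string; JSON.parse must not throw out of the handler.
function parse_lambda_body(raw) {
  try {
    return { body: JSON.parse(raw ?? ''), error: null } // missing body => parse error
  } catch {
    return { body: null, error: 'Invalid JSON body' }
  }
}

function validate_request_body(body) {
  const fail = error => ({ query: null, variables: null, error })
  if (body === null || typeof body !== 'object' || Array.isArray(body))
    return fail('Request body must be a JSON object')
  const { query, variables = {} } = body // `variables` is an assumed field
  if (typeof query !== 'string' || query.length === 0)
    return fail('query must be a non-empty string')
  // Count bytes, not characters, so multi-byte input cannot slip past the cap.
  if (Buffer.byteLength(query, 'utf8') > MAX_QUERY_BYTES)
    return fail('query exceeds 100KB')
  if (variables === null || typeof variables !== 'object' || Array.isArray(variables))
    return fail('variables must be an object')
  return { query, variables, error: null }
}

// Rejects after `ms`. Promise.race only stops waiting: the slow work keeps running
// unless cancelled separately. Wrapping in then() turns a sync throw into a rejection.
function with_timeout(factory, ms = 5000, label = 'build_context') {
  let timer
  const timeout = new Promise((_, reject) => {
    timer = setTimeout(() => reject(new Error(`${label} timed out after ${ms}ms`)), ms)
  })
  return Promise.race([Promise.resolve().then(factory), timeout])
    .finally(() => clearTimeout(timer))
}

// Early return on every validation error, so nothing downstream sees bad input.
async function handle(raw_body, build_context, timeout_ms = 5000) {
  const parsed = parse_lambda_body(raw_body)
  if (parsed.error) return { status: 400, error: parsed.error }
  const { query, variables, error } = validate_request_body(parsed.body)
  if (error) return { status: 400, error }
  try {
    return { status: 200, query, variables, context: await with_timeout(build_context, timeout_ms) }
  } catch (err) {
    return { status: 504, error: err.message }
  }
}
```

The query cap here applies after parsing, so the size of the raw body is still governed by whatever body-size limit the framework or gateway in front of the adapter enforces.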