Skip to content

Fix CodeQL security vulnerabilities in privacy module #2

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
hyperpolymath merged 1 commit into from
Dec 7, 2025
Merged

Fix CodeQL security vulnerabilities in privacy module #2

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions .github/workflows/ci.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,10 @@ on:
pull_request:
branches: [main, master]

# Restrict permissions to minimum required (security best practice)
permissions:
contents: read

jobs:
test:
runs-on: ubuntu-latest
Expand Down
17 changes: 14 additions & 3 deletions scripts/benchmark.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,10 +7,21 @@

import { UrbanKnowledgeMapper } from '../src/mapper.js';
import { PerformanceMonitor, benchmark } from '../src/performance.js';
import { randomUUID } from 'crypto';
import { randomUUID, randomBytes } from 'crypto';

const DATASET_SIZES = [10, 50, 100, 500, 1000];

/**
* Generate a cryptographically secure random float between 0 and 1
* @returns {number} Random float in range [0, 1)
*/
function secureRandomFloat() {
// Use 4 bytes to create a 32-bit unsigned integer, then normalize to [0, 1)
const bytes = randomBytes(4);
const uint32 = bytes.readUInt32BE(0);
return uint32 / 0x100000000;
}

async function generateTestData(count) {
const mapper = new UrbanKnowledgeMapper('/tmp/benchmark-ubicity');
await mapper.initialize();
Expand All @@ -26,8 +37,8 @@ async function generateTestData(count) {
location: {
name: locations[i % locations.length],
coordinates: {
latitude: 37.7749 + (Math.random() - 0.5) * 0.1,
longitude: -122.4194 + (Math.random() - 0.5) * 0.1,
latitude: 37.7749 + (secureRandomFloat() - 0.5) * 0.1,
longitude: -122.4194 + (secureRandomFloat() - 0.5) * 0.1,
},
},
},
Expand Down
17 changes: 11 additions & 6 deletions src/privacy.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -207,11 +207,16 @@ function hashString(str) {
* @returns {string} Sanitized text
*/
function sanitizeText(text) {
let sanitized = text;

// Email addresses
// Limit input length to prevent ReDoS attacks
const MAX_TEXT_LENGTH = 10000;
let sanitized = text.length > MAX_TEXT_LENGTH
? text.slice(0, MAX_TEXT_LENGTH)
: text;

// Email addresses - use possessive-like matching to prevent backtracking
// Pattern: local part (alphanumeric, limited special chars) @ domain
sanitized = sanitized.replace(
/[\w.-]+@[\w.-]+\.\w+/g,
/[a-zA-Z0-9](?:[a-zA-Z0-9._-]{0,62}[a-zA-Z0-9])?@[a-zA-Z0-9](?:[a-zA-Z0-9.-]{0,252}[a-zA-Z0-9])?\.[a-zA-Z]{2,63}/g,
'[email]'
);

Expand All @@ -221,9 +226,9 @@ function sanitizeText(text) {
'[phone]'
);

// URLs
// URLs - use non-greedy matching with explicit character class
sanitized = sanitized.replace(
/https?:\/\/[^\s]+/g,
/https?:\/\/[^\s]{1,2000}/g,
'[url]'
);

Expand Down
Loading