arian/anubis-mirror
1
0
Fork 0
mirror of https://github.com/TecharoHQ/anubis.git synced 2026-05-20 05:10:30 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
Xe/small-sec-fixes
anubis-mirror/lib/policy/expressions
T
History
Xe Iaso 97d15cd803 fix(expressions): validate randInt bounds before rand.IntN 
Non-positive or platform-overflowing arguments to the CEL randInt
helper used to reach rand.IntN unchecked, surfacing a CEL evaluator
error during request processing when policies passed
attacker-influenced values (e.g. contentLength). Reject non-positive
bounds and detect int narrowing explicitly, returning a typed CEL
error in both cases.

Ref: AWOO-010
Signed-off-by: Xe Iaso <me@xeiaso.net>
2026-05-18 21:27:28 -04:00
..
environment_test.go
fix(expressions): validate randInt bounds before rand.IntN
2026-05-18 21:27:28 -04:00
environment.go
fix(expressions): validate randInt bounds before rand.IntN
2026-05-18 21:27:28 -04:00
http_headers_test.go
style: Some minor fixes (#548)
2025-06-07 18:21:22 +00:00
http_headers.go
fix: add cel iterator (#1465)
2026-03-21 19:30:05 +00:00
loadavg.go
fix(expressions): mend possible nil pointer deref edge case
2026-05-18 21:12:38 -04:00
map_iterator.go
fix: add cel iterator (#1465)
2026-03-21 19:30:05 +00:00
README.md
feat(checker): add CEL for matching complicated expressions (#421)
2025-05-03 14:26:54 -04:00
url_values_test.go
style: Some minor fixes (#548)
2025-06-07 18:21:22 +00:00
url_values.go
fix: add cel iterator (#1465)
2026-03-21 19:30:05 +00:00

README.md

Expressions support

The expressions support is based on ideas from go-away but with different opinions about how things should be done.

Reference in New Issue View Git Blame Copy Permalink