Skip to content

Emtemf/api-codegen REV-2026-007: Bound Web UI and bridge input size and execution time #18

Description

@Emtemf

finding_id: REV-2026-007
priority: P1
area: security
kind: security
paths:


Summary

Bound Web UI and bridge input size, execution time, and concurrency to prevent resource exhaustion.

Evidence

Global review finding REV-2026-007 identified missing HTTP-body and Java-stdin size limits, YAML size limits, hard execution timeouts, child-process-tree termination, and concurrency/queue controls.

Impact

An attacker or accidental oversized document can consume memory, CPU, subprocesses, or queue capacity and make the Web UI unavailable.

Scope

Set HTTP and stdin byte limits with early termination, enforce YAML file/string limits, add hard Maven/Java bridge timeouts that terminate process trees, and return 413/503/504 where appropriate.

Out of scope

Default host binding, static-file routing, and authentication; host binding is tracked by REV-2026-001.

Acceptance criteria

  • HTTP body 和 Java stdin 超限返回 413 并停止读取
  • YAML 文件/字符串有大小上限
  • Maven/Java bridge 有硬超时并终止子进程树
  • 限制并发/队列,未就绪返回 503/504
  • 正常 api.yaml 分析流程不受影响

Verification

Exercise oversized HTTP and stdin payloads, oversized YAML, hung bridge processes, and saturated concurrency; assert bounded resource use, response codes, cleanup, and successful normal analysis.

Rollback

Revert the limits and timeout enforcement while retaining load/regression fixtures and blocking automation pending a revised capacity design.

Dependencies

Blocked by REV-2026-001 (#12). Do not add automation:ready until the dependency is completed and design review is complete.

Metadata

Metadata

Assignees

No one assigned

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions