Security: path traversal hardening, mtime-keyed index cache, and ReDoS input limit#139
Open
purvi1508 wants to merge 6 commits intogoogle:masterfrom
Open
Security: path traversal hardening, mtime-keyed index cache, and ReDoS input limit#139purvi1508 wants to merge 6 commits intogoogle:masterfrom
purvi1508 wants to merge 6 commits intogoogle:masterfrom
Conversation
Enhance path validation and caching mechanism in CliTable.
Added max_input_len parameter to ParseText and ParseTextToDicts methods to limit input length and prevent regex backtracking issues.
This module provides a thread-safe cache for compiled TextFSM instances, automatically invalidating entries when the template file is modified. It includes methods for retrieving and invalidating cached templates.
Add comprehensive tests for security and robustness improvements in textfsm, covering TemplateCache, path-traversal hardening, and ReDoS mitigation.
This test file includes tests for security improvements such as template caching, path traversal hardening, and ReDoS mitigation in the TextFSM library.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR addresses three issues identified in a security review of clitable.py
and parser.py , and adds a new standalone cache.py module.
Changes
1. textfsm/cache.py — new file
A thread-safe TemplateCache class that stores compiled TextFSM instances
keyed by (absolute_path, mtime_int) . When a template file is modified on disk
the stale entry is automatically evicted and recompiled on the next request.
Supports an optional max_size for LRU-style eviction and an invalidate()
method for explicit flushing. A module-level _DEFAULT_CACHE singleton is
provided for future use by CliTable .
2. textfsm/clitable.py — path traversal hardening + mtime cache
and checks it is contained within template_dir . Paths that escape the root
(e.g. ../../etc/passwd ) raise CliTableError . The check is skipped when
template_dir is None , preserving backward compatibility.
before opening, so a malicious entry in an index file cannot read arbitrary
files.
of a plain string. Stale entries for the same path are evicted automatically
when the file changes on disk.
3. textfsm/parser.py — configurable input length limit
ParseText and ParseTextToDicts each gain an optional max_input_len
keyword argument (default None , fully backward-compatible). When set, a
TextFSMError is raised before any regex matching if the input exceeds the
limit, giving callers a straightforward way to guard against adversarially large
inputs that could cause catastrophic backtracking (ReDoS) in complex templates.
4. tests/security_test.py — new file
42 unit tests covering all three changes: cache hit/miss, mtime invalidation,
max_size eviction, thread safety (20 concurrent goroutines), _ValidatePath
with .. traversal and absolute escapes, traversal in template names,
ReadIndex rejection, and max_input_len boundary values.