Project
vgrep
Description
The search API accepts any max_results value without validation, allowing clients to request billions of results.
Error Observation
A client can request max_results = usize::MAX, causing the server to attempt huge allocations.
Error Message
Debug Logs
System Information
Version: 0.1.0
## Operating System
OS: Ubuntu 24.04.3 LTS
Kernel: 6.8.0-79-generic
Arch: x86_64
## Hardware
CPU: AMD Ryzen 9 5950X 16-Core Processor (4 cores)
RAM: 11 GB
## Build Environment
Rust: rustc 1.92.0 (ded5c06cf 2025-12-08)
Target: x86_64
Screenshots
No response
Steps to Reproduce
- Open `src/server/api.rs`
- Examine lines 28-34:

```rust
#[derive(Debug, Deserialize)]
pub struct SearchRequest {
    pub query: String,
    #[serde(default)]
    pub path: Option<String>,
    #[serde(default = "default_max_results")]
    pub max_results: usize, // No maximum validation!
}
```

- Send a request with `max_results: 18446744073709551615`
Expected Behavior
Should validate and cap max_results (e.g., max 1000).
Actual Behavior
Any value accepted, enabling DoS through memory exhaustion.
Additional Context
No rate limiting or result size limiting in place.
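The bounded-request pattern the expected behaviour asks for, as an added example that is not vgrep's code: the wire-level struct is converted into a validated one through `TryFrom` (in the real service this is what serde's `try_from` container attribute would wire up), and a `max_results` of zero or above the cap is rejected before anything is allocated for it. `RawSearchRequest`, `MAX_RESULTS_CAP` (1000, taken from the issue's suggestion), `DEFAULT_MAX_RESULTS` and `collect_results` are assumed names and values, not the project's.

```rust
use std::convert::TryFrom;
/// Assumed cap: the issue suggests 1000 as an example upper bound.
pub const MAX_RESULTS_CAP: usize = 1000;
/// Assumed default used when the client omits max_results.
pub const DEFAULT_MAX_RESULTS: usize = 100;
/// Request exactly as it arrives on the wire (the shape serde would fill in).
#[derive(Debug)]
pub struct RawSearchRequest {
    pub query: String,
    pub path: Option<String>,
    pub max_results: Option<usize>,
}

/// A validated request. `max_results` is private, so a value above the cap
/// cannot exist by construction.
#[derive(Debug, PartialEq)]
pub struct SearchRequest {
    pub query: String,
    pub path: Option<String>,
    max_results: usize,
}

#[derive(Debug, PartialEq)]
pub enum ValidationError {
    MaxResultsOutOfRange { requested: usize, cap: usize },
}
impl TryFrom<RawSearchRequest> for SearchRequest {
    type Error = ValidationError;
    fn try_from(raw: RawSearchRequest) -> Result<Self, Self::Error> {
        let max_results = raw.max_results.unwrap_or(DEFAULT_MAX_RESULTS);
        // Reject out-of-range values instead of silently clamping, so the
        // client gets an error it can act on and nothing is allocated for it.
        if max_results == 0 || max_results > MAX_RESULTS_CAP {
            return Err(ValidationError::MaxResultsOutOfRange { requested: max_results, cap: MAX_RESULTS_CAP });
        }
        Ok(SearchRequest { query: raw.query, path: raw.path, max_results })
    }
}

impl SearchRequest {
    pub fn max_results(&self) -> usize { self.max_results }
}

/// Collect hits for a validated request; the Vec is sized by the bounded
/// `max_results`, never by a raw client-supplied number.
pub fn collect_results<I: IntoIterator<Item = String>>(req: &SearchRequest, hits: I) -> Vec<String> {
    let mut out = Vec::with_capacity(req.max_results());
    out.extend(hits.into_iter().take(req.max_results()));
    out
}
```

A request carrying `usize::MAX` therefore fails conversion and never reaches the allocation in `collect_results`.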