Skip to content

fix: make GitHub Link pagination parsing linear#189

Merged
saagpatel merged 1 commit into
mainfrom
codex/fix-codeql-highs
Jul 17, 2026
Merged

fix: make GitHub Link pagination parsing linear#189
saagpatel merged 1 commit into
mainfrom
codex/fix-codeql-highs

Conversation

@saagpatel

Copy link
Copy Markdown
Owner

What

Replace the uncontrolled GitHub Link-header regex with a small linear parser shared by the primary GitHub client and GHAS pagination. Move the three existing credential-storage false-positive annotations to CodeQL's effective preceding-line form.

Why

CodeQL alert #407 identified polynomial regex behavior on an API-controlled Link header. The same fallback existed in the GHAS path. Large malformed headers must fail closed without invoking a backtracking regex, while valid GitHub pagination must continue to work.

Review Of What Was Built

  • Added a bounded linear rel=next parser.
  • Preserved requests.Response.links as the preferred parser.
  • Applied the safe fallback to both pagination implementations.
  • Added regression coverage for valid two-page pagination and a 200,001-character malformed header.
  • Preserved the runtime credential guards underlying alerts #400, #405, and #406 and made their source annotations effective.

Cleanup Review

Removed both copies of the polynomial Link-header regex. No API, output, scheduler, portfolio-truth, or collection behavior was broadened.

Verification Summary

  • Focused security/client tests: 58 passed.
  • Full suite: 2,924 passed, 2 skipped.
  • Ruff: passed.
  • git diff --check: passed.

Shipped Summary

On this branch, attacker-controlled Link headers cannot reach the flagged regex, malformed headers fail closed, and valid fallback pagination remains compatible.

Next Phase

Let CodeQL verify alert #407 no longer reproduces. After merge, classify the three guarded storage alerts as false positives using their existing regression evidence and refresh the bounded security receipt.

Remaining Roadmap

AIGCCore's historical CodeReviewID finding remains visible until genuinely reviewed future changes rotate the unreviewed commit window.

Comment thread src/cache.py Dismissed
Comment thread src/operator_control_center_artifacts.py Dismissed
Comment thread src/operator_control_center_artifacts.py Dismissed
@saagpatel
saagpatel merged commit a639af7 into main Jul 17, 2026
4 checks passed
@saagpatel
saagpatel deleted the codex/fix-codeql-highs branch July 17, 2026 04:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants