Skip to content

Fix _iovec_writer_flush. Enforce limits on $_POST#3495

Merged
cataphract merged 1 commit intomasterfrom
glopes/limits-and-fix
Nov 21, 2025
Merged

Fix _iovec_writer_flush. Enforce limits on $_POST#3495
cataphract merged 1 commit intomasterfrom
glopes/limits-and-fix

Conversation

@cataphract
Copy link
Copy Markdown
Contributor

@cataphract cataphract commented Nov 21, 2025
edited
Loading

Description

  • Fix _iovec_writer_flush.
  • Enforce limits on $_POST data sent to the WAF on request start
  • Exercise more code paths in mpack code by defining MPACK_DEBUG

Reviewer checklist

  • Test coverage seems ok.
  • Appropriate labels assigned.

@cataphract cataphract requested a review from a team as a code owner November 21, 2025 16:38
@cataphract cataphract force-pushed the glopes/limits-and-fix branch from f3e6043 to f05d658 Compare November 21, 2025 16:45
@codecov-commenter
Copy link
Copy Markdown

codecov-commenter commented Nov 21, 2025
edited
Loading

Codecov Report

❌ Patch coverage is 66.66667% with 9 lines in your changes missing coverage. Please review.
✅ Project coverage is 61.69%. Comparing base (4485a51) to head (ae9e9ed).
⚠️ Report is 3 commits behind head on master.

Files with missing lines Patch % Lines
appsec/src/extension/msgpack_helpers.c 61.90% 5 Missing and 3 partials ⚠️
appsec/src/extension/commands_helpers.c 0.00% 1 Missing ⚠️
Additional details and impacted files

Impacted file tree graph

@@            Coverage Diff             @@
##           master    #3495      +/-   ##
==========================================
- Coverage   61.88%   61.69%   -0.20%     
==========================================
  Files         142      142              
  Lines       12904    12918      +14     
  Branches     1689     1694       +5     
==========================================
- Hits         7986     7970      -16     
- Misses       4159     4193      +34     
+ Partials      759      755       -4
Files with missing lines Coverage Δ
appsec/src/extension/commands/request_init.c 85.52% <100.00%> (ø)
appsec/src/extension/php_helpers.c 77.21% <100.00%> (-0.29%) ⬇️
appsec/src/extension/commands_helpers.c 69.03% <0.00%> (-1.16%) ⬇️
appsec/src/extension/msgpack_helpers.c 55.26% <61.90%> (-2.56%) ⬇️

... and 1 file with indirect coverage changes

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 4485a51...ae9e9ed. Read the comment docs.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@cataphract cataphract force-pushed the glopes/limits-and-fix branch from f05d658 to ae9e9ed Compare November 21, 2025 17:01
@cataphract cataphract merged commit cebce04 into master Nov 21, 2025
1966 of 2005 checks passed
@cataphract cataphract deleted the glopes/limits-and-fix branch November 21, 2025 17:38
@github-actions github-actions Bot added this to the 1.15.0 milestone Nov 21, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@estringana estringana estringana approved these changes

Assignees

No one assigned

Labels

area:asm

Projects

None yet

Milestone

1.15.0

Development

Successfully merging this pull request may close these issues.

3 participants

@cataphract @codecov-commenter @estringana