From 4af278c3c750f22d75423a53c685d963e9ddc934 Mon Sep 17 00:00:00 2001 From: Paulin Todev Date: Mon, 20 Jan 2025 17:31:15 +0000 Subject: [PATCH] Check number of log fields in MongoDB exporter. (#2451) --- internal/static/integrations/logruskit.go | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/internal/static/integrations/logruskit.go b/internal/static/integrations/logruskit.go index 155c73d576..9d524774a9 100644 --- a/internal/static/integrations/logruskit.go +++ b/internal/static/integrations/logruskit.go @@ -51,6 +51,12 @@ func (o output) Write(data []byte) (n int, err error) { } sort.Strings(keys) + // Protecting against a potential integer overflow as reported by GitHub CodeQL. + // The number of fields is expected to be well below this limit. + if fieldLen := len(ll.Data); fieldLen > 100000 { + return 0, fmt.Errorf("too many fields: %d", fieldLen) + } + vals := make([]interface{}, 0, 2*len(ll.Data)+2) for _, k := range keys { vals = append(vals, k, ll.Data[k])