fix: additional input validation for CVE graphQL query (#2408)

It is possible to ask for a very large limit size which can exhaust memory. Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2026-06-16 04:17:55 +08:00 · 2024-04-23 23:23:17 -07:00
parent 7b1fc0450e
commit 186855b5f8
3 changed files with 24 additions and 0 deletions
@@ -117,6 +117,7 @@ var (
 	ErrEmptyDigest                    = errors.New("digest can't be empty string")
 	ErrInvalidRepoRefFormat           = errors.New("invalid image reference format, use [repo:tag] or [repo@digest]")
 	ErrLimitIsNegative                = errors.New("pagination limit has negative value")
+	ErrLimitIsExcessive               = errors.New("pagination limit has excessive value")
 	ErrOffsetIsNegative               = errors.New("pagination offset has negative value")
 	ErrSortCriteriaNotSupported       = errors.New("the pagination sort criteria is not supported")
 	ErrMediaTypeNotSupported          = errors.New("media type is not supported")