Jacob Magar fa99c32f6c fix: harden read-logs.sh against GraphQL injection and path traversal ...

- Remove slashes from LOG_NAME regex to block path traversal (e.g.
  ../../etc/passwd). Only alphanumeric, dots, hyphens, underscores allowed.
- Cap LINES to 1-10000 range to prevent resource exhaustion.
- Add query script existence check before execution.
- Add query failure, empty response, and invalid JSON guards.

Resolves review thread PRRT_kwDOO6Hdxs5uvKrj

2026-02-15 23:03:13 -05:00

1.5 KiB

Executable File

Raw Blame History

View Raw