security: add validation bounds for configuration values #415

@bug-ops

Related to #391

Summary

Several configuration fields lack upper bounds validation, allowing misconfiguration to cause DoS through memory exhaustion or infinite loops.

Severity

Low — Requires admin access to config file.

Location

crates/zeph-core/src/config/types.rs

Unbounded Fields

memory.history_limit: u32            // could be u32::MAX → 4B records
memory.context_budget_tokens: usize  // could be usize::MAX
agent.max_tool_iterations: usize     // infinite loop DoS

Attack Scenario

Malicious/misconfigured values:

[memory]
history_limit = 4294967295
context_budget_tokens = 18446744073709551615

[agent]
max_tool_iterations = 999999

→ Memory exhaustion or infinite loops

Recommendation

Add validation in Config::load():

impl Config {
    pub fn validate(&self) -> anyhow::Result<()> {
        const MAX_HISTORY: u32 = 10_000;
        const MAX_BUDGET: usize = 1_000_000;
        const MAX_ITERATIONS: usize = 100;

        if self.memory.history_limit > MAX_HISTORY {
            anyhow::bail!("memory.history_limit exceeds maximum {MAX_HISTORY}");
        }
        if self.memory.context_budget_tokens > MAX_BUDGET {
            anyhow::bail!("memory.context_budget_tokens exceeds maximum {MAX_BUDGET}");
        }
        if self.agent.max_tool_iterations > MAX_ITERATIONS {
            anyhow::bail!("agent.max_tool_iterations exceeds maximum {MAX_ITERATIONS}");
        }

        Ok(())
    }
}

Call config.validate()? after loading in main.rs.

References

  • CWE-1284 (Improper Validation of Specified Quantity in Input)
  • Security audit: .local/audit/security-audit.md (SEC-6)
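A self-contained version of the bounds check recommended in this issue, added here as an example and not taken from the zeph code base. The field names and limits are the ones given in the issue; the struct layout, the `scenario_config` helper and the choice to return every violation at once (using only `std` instead of `anyhow`) are assumptions made for illustration.

```rust
// Added example: field names and limits come from the issue; the struct
// layout and the helper constructor are assumptions for illustration.
pub struct MemoryConfig { pub history_limit: u32, pub context_budget_tokens: usize }
pub struct AgentConfig { pub max_tool_iterations: usize }
pub struct Config { pub memory: MemoryConfig, pub agent: AgentConfig }

pub const MAX_HISTORY: u32 = 10_000;
pub const MAX_BUDGET: usize = 1_000_000;
pub const MAX_ITERATIONS: usize = 100;

impl Config {
    /// Checks every bounded field and returns all violations, not just the first,
    /// so an operator can fix the whole file in one pass.
    pub fn validate(&self) -> Result<(), Vec<String>> {
        let checks: [(&str, u64, u64); 3] = [
            ("memory.history_limit", u64::from(self.memory.history_limit), u64::from(MAX_HISTORY)),
            ("memory.context_budget_tokens", self.memory.context_budget_tokens as u64, MAX_BUDGET as u64),
            ("agent.max_tool_iterations", self.agent.max_tool_iterations as u64, MAX_ITERATIONS as u64),
        ];
        let mut errors = Vec::new();
        for (name, value, max) in checks.iter() {
            // A value equal to the limit is accepted; only larger values are rejected.
            if value > max {
                errors.push(format!("{} = {} exceeds maximum {}", name, value, max));
            }
        }
        if errors.is_empty() { Ok(()) } else { Err(errors) }
    }
}

/// Constructed input: the values from the issue's attack scenario.
pub fn scenario_config() -> Config {
    Config {
        memory: MemoryConfig { history_limit: 4_294_967_295, context_budget_tokens: usize::MAX },
        agent: AgentConfig { max_tool_iterations: 999_999 },
    }
}

fn main() {
    // Fail closed: refuse to start when any field is out of range.
    match scenario_config().validate() {
        Ok(()) => println!("config ok"),
        Err(errors) => {
            for e in &errors { eprintln!("config error: {}", e); }
            std::process::exit(1);
        }
    }
}
```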
