fix: cap /api/discovery/ping at 4096 IPs and fix test suite

- Add MAX_PING_IPS=4096 constant and validate list size in PingRequest
  before spawning futures, returning 422 on overflow
- Add test_ping_too_many_ips_rejected to cover the new cap
- Pin httpx<0.28 in requirements-test.txt (0.28 broke TestClient API)
- Fix reset_db fixture to set a known admin password regardless of
  INITIAL_ADMIN_PASSWORD env var (was causing 401 on all auth tests)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-18 18:16:08 +02:00
parent ec669c87b4
commit e8ca10f1b7
3 changed files with 20 additions and 2 deletions
@@ -16,6 +16,7 @@ router = APIRouter()
MAX_HOSTS_PER_TARGET = 1024 # refuse les /21 et plus larges
MAX_HOSTS_TOTAL = 4096 # cap global sur l'ensemble des targets
MAX_PING_IPS = 4096 # cap sur /api/discovery/ping
_ENV_DNS = os.environ.get("DNS_SERVER", "").strip()
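Review bot: MAX_PING_IPS is given the same value as MAX_HOSTS_TOTAL (4096) with no stated relationship between the two; if the ping endpoint is expected to accept the full result set of a discovery run, define it as `MAX_PING_IPS = MAX_HOSTS_TOTAL` so the caps cannot drift apart, and otherwise extend the comment to say why ping has an independent limit.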
@@ -135,6 +136,8 @@ class PingRequest(BaseModel):
@field_validator("ips")
@classmethod
def _ips(cls, v: list[str]) -> list[str]:
if len(v) > MAX_PING_IPS:
raise ValueError(f"Too many IPs: {len(v)} (max {MAX_PING_IPS})")
for ip in v:
try:
ipaddress.ip_address(ip)
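Review bot: the `len(v) > MAX_PING_IPS` check is correctly placed before the per-IP loop, but note that a pydantic field validator only runs after the whole JSON body has already been parsed into `list[str]`, so this cap bounds the futures spawned by the handler, not the size of the request payload itself; if oversized bodies are also a concern, confirm a body size limit exists upstream (reverse proxy or middleware). Also, since the cap counts raw entries, a list padded with duplicate IPs is rejected the same as 4096 distinct ones, which is the safer behaviour here and worth a one-line comment so nobody later "optimises" it into `len(set(v))`.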