help wantedpriority: medium
Metriche repository
- Star
- (3 star)
- Metriche merge PR
- (Metriche PR in attesa)
Descrizione
Description
Perform a security audit focusing on input validation and file handling.
Areas to Review
- CSV parsing (injection attacks)
- JSON parsing (DoS via nested objects)
- File path handling (traversal attacks)
- Memory allocation limits
- Integer overflow checks
Tasks
- Review all input parsing code
- Add input size limits
- Add path validation
- Run cargo-audit
- Consider fuzz testing
Acceptance Criteria
- No known vulnerabilities
- Input limits documented
- cargo-audit clean