String parameter has no maximum length defined
Some string parameters in your API do not have the maximum length specified.
For more details, see the OpenAPI Specification.
The following is an example of how this type of risk could look in your API definition:
1parameters: 2 in: query 3 name: id 4 type: string 5 description: Identifier of the object to be extracted. 6
Possible exploit scenario
If you do not limit the length of strings, attackers can send longer strings to your API than what your backend server can handle. This could overload your backend server and make it crash. In some cases, this could cause a buffer overflow and allow for executing arbitrary code. Long strings are also more prone to injection attacks.
maxLength parameter to ensure that only strings of the expected size get passed to your API:
1parameters: 2 in: query 3 name: id 4 type: string 5 maxLength: 8 6 description: Identifier of the object to be extracted. 7
We also recommend that you specify a regular expression to further lock down the expected string format.
For more information on regular expressions, see the following:
- Language-agnostic information on regular expressions at Base Definitions page on regular expressions
- OWASP Validation Regex Repository
- RegExr, an online tool for building and testing regular expressions
Copyright 42Crunch 2021