Thanks to visit codestin.com
Credit goes to github.com

Skip to content

fix(caddyfile): guard snippet import cycles #8

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
yongtang merged 1 commit into from
Sep 19, 2025
Merged

fix(caddyfile): guard snippet import cycles #8

yongtang merged 1 commit into from
Sep 19, 2025

Conversation

@thevilledev
Copy link

@thevilledev thevilledev commented Sep 18, 2025
edited
Loading

Add a cycle guard for Caddyfile snippet imports. Track snippet expansions with a hard cap (1000) and error on trivial self-imports in snippet bodies to prevent infinite recursion.

Add tests for snippet self-import, to validate the newly added failure state. Run the TestSnippetImportCycle test against master branch and you will see it times out:

$ go test ./caddyfile -timeout=5s -run ^TestSnippetImportCycle$
panic: test timed out after 5s

Originally found in OSS-Fuzz issue #42486385 while fuzzing CoreDNS.

Once merged, could we publish a new release and bump the dependency in CoreDNS?

@thevilledev
fix(caddyfile): guard snippet import cycles
768b8db 
Add a cycle guard for Caddyfile snippet imports. Track snippet
expansions with a hard cap (1000) and error on trivial self-imports
in snippet bodies to prevent infinite recursion. Add tests for
snippet self-import failure.

Signed-off-by: Ville Vesilehto <[email protected]>
@thevilledev
Copy link
Author

thevilledev commented Sep 19, 2025

cc @miekg @yongtang - just realised there's no CODEOWNERS file present in the repo, thus no notifications 😃

@yongtang yongtang merged commit fabd98a into coredns:master Sep 19, 2025
1 check passed
This was referenced Sep 19, 2025
Merged
Merged
jdamick pushed a commit to jdamick/caddy that referenced this pull request Sep 25, 2025
@thevilledev
fix(caddyfile): guard snippet import cycles (coredns#8)
a5b48b7
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@yongtang yongtang yongtang approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@thevilledev @yongtang