漏洞概述 该漏洞涉及 仓库中的 模块。具体问题是当查询嵌套超过32层时,系统会抛出 错误。此问题可能影响使用 模块处理查询参数的应用程序。 影响范围 受影响模块: 触发条件:查询嵌套超过32层 错误类型: 修复方案 1. 增加嵌套层数限制:在 模块中增加对查询嵌套层数的检查,确保嵌套层数不超过32层。 2. 优化递归逻辑:优化 和 等函数的递归逻辑,避免深层嵌套导致的性能问题。 3. 更新测试用例:增加针对深层嵌套查询的测试用例,确保修复后的代码能够正确处理各种嵌套情况。 POC代码 以下是与漏洞相关的POC代码: ```elixir lib/plug/conn/query.ex defmodule Plug.Conn.Query do @max_nesting 32 defp split_keys(key, pos, rest, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, pos, value, [{root, value}]) end defp split_keys(rest, key, pos, value, acc) do split_keys(rest, key, po