
Fix log injection via unsanitized user input in RiskAdjustmentController #455

Merged
aurelianware merged 2 commits into main from copilot/sub-pr-454
Mar 13, 2026

Conversation

Contributor

Copilot AI commented Mar 13, 2026

Code scanning alert #805 flagged request.RiskModel — a user-controlled [FromBody] field — being passed unsanitized into a structured log call, enabling log injection via embedded CR/LF.

Change

RiskAdjustmentController.cs RequestScoreCalculation (line 176): wrap request.RiskModel with the existing SanitizeForLog() helper, consistent with all other user-input log parameters across both services.

// Before
_logger.LogInformation(
    "Score calculation requested for member {MemberId}, year {Year}, model {Model}",
    SanitizeForLog(request.MemberId), request.MeasurementYear, request.RiskModel);

// After
_logger.LogInformation(
    "Score calculation requested for member {MemberId}, year {Year}, model {Model}",
    SanitizeForLog(request.MemberId), request.MeasurementYear, SanitizeForLog(request.RiskModel));

All other string user-input log parameters in both RiskAdjustmentController and EncountersController were already correctly sanitized.
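The following stand-alone C# program is an added example and is not code from the repository; the real body of SanitizeForLog() is not shown on this page, so the LogSanitizer class below is an assumed implementation that neutralizes CR/LF and drops other control characters. The Render helper stands in for the _logger.LogInformation call writing the same message template to a single-line text sink, and the hostile RiskModel value is constructed here to show the forged log line before and after sanitizing.

```csharp
using System;
using System.Text;

// Assumed sanitizer (hypothetical; not the project's own SanitizeForLog body).
static class LogSanitizer
{
    // Replace CR/LF with a space so no new log line can start inside a field,
    // drop remaining control characters (e.g. ESC used for terminal tricks),
    // and truncate so one request cannot flood the log.
    public static string SanitizeForLog(string? value, int maxLength = 200)
    {
        if (string.IsNullOrEmpty(value)) return string.Empty;

        var sb = new StringBuilder(value.Length);
        foreach (var c in value)
        {
            if (c == '\r' || c == '\n') sb.Append(' ');
            else if (char.IsControl(c)) continue;
            else sb.Append(c);
        }

        var s = sb.ToString();
        return s.Length > maxLength ? s.Substring(0, maxLength) + "..." : s;
    }
}

class Program
{
    // Hypothetical stand-in for a plain-text sink behind _logger.LogInformation,
    // rendering the controller's message template line by line.
    static string Render(string memberId, int year, string model) =>
        $"[INF] Score calculation requested for member {memberId}, year {year}, model {model}";

    static void Main()
    {
        // Constructed hostile input: a RiskModel value carrying CR/LF followed by
        // a fabricated entry for a different member.
        string riskModel =
            "CMS-HCC V28\r\n[INF] Score calculation requested for member M-000001, year 2026, model V24";
        string memberId = "M-123456";

        Console.WriteLine("--- Before (RiskModel unsanitized): two lines, one of them forged ---");
        Console.WriteLine(Render(LogSanitizer.SanitizeForLog(memberId), 2026, riskModel));

        Console.WriteLine("--- After (RiskModel sanitized): one line, payload visible but inert ---");
        Console.WriteLine(Render(LogSanitizer.SanitizeForLog(memberId), 2026,
                                 LogSanitizer.SanitizeForLog(riskModel)));
    }
}
```

A JSON-emitting structured sink would escape the newline inside the {Model} property, but console and rolling-file sinks commonly write the rendered message verbatim, which is why the scanning rule treats any unsanitized user-controlled argument as a finding regardless of the configured sink. Sanitizing at the log call, as the PR does, also leaves the stored request value untouched for downstream validation.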



Base automatically changed from claude/encounter-service-rest-api-OT7Fl to main March 13, 2026 06:21
Copilot AI changed the title from "[WIP] Address feedback on user input log entries" to "Fix log injection via unsanitized user input in RiskAdjustmentController" Mar 13, 2026
Copilot AI requested a review from aurelianware March 13, 2026 06:23
@aurelianware aurelianware marked this pull request as ready for review March 13, 2026 06:28
Copilot AI review requested due to automatic review settings March 13, 2026 06:28
Contributor

Copilot AI left a comment

Copilot wasn't able to review any files in this pull request.

@aurelianware
Owner

@copilot are there any changes to make on this PR?

Contributor Author

Copilot AI commented Mar 13, 2026

@copilot are there any changes to make on this PR?

No further changes are needed. The PR is complete — request.RiskModel is now wrapped with SanitizeForLog() at line 176, resolving alert #805. A full audit of every _logger call in both RiskAdjustmentController and EncountersController confirms all user-supplied string values are already sanitized; the only other log args that aren't wrapped are numeric/enum types (int, decimal, LineOfBusiness, ScoreStatus) which don't carry injection risk.

@aurelianware aurelianware merged commit 52fec74 into main Mar 13, 2026
34 checks passed
@aurelianware aurelianware deleted the copilot/sub-pr-454 branch March 13, 2026 06:34
3 participants