From d97e554dfccdea40a975891d8ef23b70b73800f0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Torjus=20H=C3=A5kestad?=
Date: Thu, 5 Feb 2026 20:58:35 +0100
Subject: [PATCH] fix: cap log query limit and validate direction parameter

Prevent unbounded memory usage by capping the limit parameter to 5000. Validate direction against allowed values instead of passing through to Loki unchecked.

Co-Authored-By: Claude Opus 4.5
---
 internal/monitoring/handlers.go | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/internal/monitoring/handlers.go b/internal/monitoring/handlers.go
index e50e8db..21bc207 100644
--- a/internal/monitoring/handlers.go
+++ b/internal/monitoring/handlers.go
@@ -589,9 +589,15 @@ func makeQueryLogsHandler(loki *LokiClient) mcp.ToolHandler {
 if l, ok := args["limit"].(float64); ok && l > 0 {
 limit = int(l)
 }
+ if limit > 5000 {
+ limit = 5000
+ }
 direction := "backward"
 if d, ok := args["direction"].(string); ok && d != "" {
+ if d != "backward" && d != "forward" {
+ return mcp.ErrorContent(fmt.Errorf("direction must be 'backward' or 'forward'")), nil
+ }
 direction = d
 }
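Review bot: The new `if limit > 5000` cap runs after `limit = int(l)`, so it only bounds the upper side of whatever the float64-to-int conversion produced. Go leaves the result of converting an out-of-range float64 to `int` implementation-dependent, so a very large caller-supplied `limit` may come out negative on some platforms and pass the `> 5000` test, and a value between 0 and 1 truncates to 0. Clamping the float before converting avoids both, for example `if l > 5000 { l = 5000 }` ahead of `limit = int(l)`, followed by `if limit < 1 { limit = 1 }` if Loki does not treat zero as meaningful. The handler body starts and ends outside this hunk, so the default value of `limit` and how it is passed to Loki cannot be checked from here. As a smaller point, the literal 5000 appears twice and would read better as a named constant with a comment stating that larger requests are silently reduced.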