From 88d284f84e3d7985faafca38f97c0acb18271dd2 Mon Sep 17 00:00:00 2001
From: "google-labs-jules[bot]" <161369871+google-labs-jules[bot]@users.noreply.github.com>
Date: Sun, 22 Mar 2026 02:06:11 +0000
Subject: [PATCH] Add input length limits to prevent DoS

Co-authored-by: ManupaKDU <95234271+ManupaKDU@users.noreply.github.com>
---
 test_testping1.py | 7 +++++++
 testping1.py | 5 +++++
 2 files changed, 12 insertions(+)

diff --git a/test_testping1.py b/test_testping1.py
index cc3f6a8..43b5865 100644
--- a/test_testping1.py
+++ b/test_testping1.py
@@ -27,6 +27,13 @@ def test_is_reachable_invalid_ip_format(self, mock_call):
 self.assertFalse(is_reachable('invalid_ip'))
 mock_call.assert_not_called()
 
+ @patch('testping1.subprocess.call')
+ def test_is_reachable_ip_length_limit(self, mock_call):
+ """Test is_reachable enforces length limit on IP addresses."""
+ long_ip = "1" * 101
+ self.assertFalse(is_reachable(long_ip))
+ mock_call.assert_not_called()
+
 @patch('testping1.subprocess.call')
 def test_is_reachable_argument_injection(self, mock_call):
 """Test is_reachable prevents argument injection by rejecting invalid IPs."""
diff --git a/testping1.py b/testping1.py
index 16af1e0..fe27786 100644
--- a/testping1.py
+++ b/testping1.py
@@ -15,6 +15,11 @@ def is_reachable(ip, timeout=1):
 bool: True if the ping is successful, False otherwise.
 """
 
+ # 🛡️ Sentinel: Enforce strict string length limits to prevent DoS via ipaddress module
+ if not isinstance(ip, str) or len(ip) > 100:
+ logging.error(f"IP address exceeds maximum length or is invalid type")
+ return False
+
 # 🛡️ Sentinel: Validate IP address to prevent argument injection
 try:
 ip_obj = ipaddress.ip_address(ip)
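Review bot: test_is_reachable_ip_length_limit would pass without the new guard, because `"1" * 101` is not a valid address and, as the neighbouring invalid-format test shows, invalid input already returns False without reaching subprocess. To pin the length branch, assert on something only the guard produces, for example wrap the call in `with self.assertLogs(level='ERROR') as cm:` and check that the guard's message appears in `cm.output`. The non-string half of the guard has no test at all; an int that `ipaddress.ip_address` would otherwise accept, `self.assertFalse(is_reachable(3232235777))` followed by `mock_call.assert_not_called()`, covers it.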
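Review bot: The new guard in is_reachable folds two different rejections into one branch and one message, and the `isinstance(ip, str)` half is a behaviour change the commit subject does not mention: `ipaddress.ip_address` also accepts ints and packed bytes, so a caller passing those now gets False before validation runs. The log call is an f-string with no placeholders; I would log the type case as `logging.error("Rejected ip argument of type %s", type(ip).__name__)` and the length case with `len(ip)` only, never the raw value, so oversized or attacker-chosen input cannot bloat or forge log lines. The literal 100 would read better as a named module-level constant with a comment on why it is that large, given that a textual IPv6 address is at most 45 characters before any zone ID. The function body starts and continues outside the hunk, so whether the later subprocess call uses the parsed `ip_obj` rather than the raw `ip` could not be checked here.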