From 9398104615b6faf18389c5a880c74805f779d2af Mon Sep 17 00:00:00 2001 From: "google-labs-jules[bot]" <161369871+google-labs-jules[bot]@users.noreply.github.com> Date: Thu, 9 Apr 2026 02:38:47 +0000 Subject: [PATCH] =?UTF-8?q?=E2=9A=A1=20Bolt:=20Optimize=20timeout=20valida?= =?UTF-8?q?tion=20with=20integer=20fast-path?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Added an integer fast-path for timeout validation in testping1.py. Since the default timeout is an integer (1), this skips redundant string length checking, try-except overhead, and type conversion. Also removed the duplicated isinstance(timeout, str) block for cleaner code. Co-authored-by: ManupaKDU <95234271+ManupaKDU@users.noreply.github.com> --- testping1.py | 47 ++++++++++++++++++++++++----------------------- 1 file changed, 24 insertions(+), 23 deletions(-) diff --git a/testping1.py b/testping1.py index dd0126b..18d8222 100644 --- a/testping1.py +++ b/testping1.py @@ -75,30 +75,31 @@ def is_reachable(ip, timeout=1): logging.error(f"IP address not allowed for scanning: {repr(ip)}") return False - # 🛡️ Sentinel: Validate timeout length to prevent CPU exhaustion (DoS) - # Python's int() conversion for massive strings has O(N^2) complexity. - if isinstance(timeout, str) and len(timeout) > 100: - logging.error("Timeout string too long") - return False - - # 🛡️ Sentinel: Validate timeout to prevent argument injection or errors - # 🛡️ Sentinel: Add input length limit to prevent CPU exhaustion (DoS) - # Python's int() conversion algorithm can be exploited with very long strings - if isinstance(timeout, str) and len(timeout) > 100: - logging.error("Timeout string too long") - return False - - try: - timeout_val = int(timeout) + # ⚡ Bolt: Fast-path for integer timeouts (the default) to avoid redundant string length + # checks, type conversion, and try-except overhead on the hot-path. + if type(timeout) is int: + timeout_val = timeout if timeout_val <= 0 or timeout_val > 100: - raise ValueError("Timeout must be a positive integer <= 100") - except (ValueError, TypeError, OverflowError): - # 🛡️ Sentinel: Catch OverflowError alongside ValueError/TypeError - # Inputs originating from JSON can include Infinity (parsed as float) - # which raises OverflowError when cast to int and crashes threads. - # 🛡️ Sentinel: Sanitize log input to prevent CRLF/Log Injection - logging.error(f"Invalid timeout value: {repr(timeout)}") - return False + logging.error(f"Invalid timeout value: {repr(timeout)}") + return False + else: + # 🛡️ Sentinel: Validate timeout length to prevent CPU exhaustion (DoS) + # Python's int() conversion for massive strings has O(N^2) complexity. + if isinstance(timeout, str) and len(timeout) > 100: + logging.error("Timeout string too long") + return False + + try: + timeout_val = int(timeout) + if timeout_val <= 0 or timeout_val > 100: + raise ValueError("Timeout must be a positive integer <= 100") + except (ValueError, TypeError, OverflowError): + # 🛡️ Sentinel: Catch OverflowError alongside ValueError/TypeError + # Inputs originating from JSON can include Infinity (parsed as float) + # which raises OverflowError when cast to int and crashes threads. + # 🛡️ Sentinel: Sanitize log input to prevent CRLF/Log Injection + logging.error(f"Invalid timeout value: {repr(timeout)}") + return False # ⚡ Bolt: Optimized ping execution by adding `-n` and `-q` flags. # The `-n` flag skips reverse DNS resolution. Without it, ping attempts to