feat: add requirements validation and enforce concurrent build limits

Author: fok666

infrastructure/lambdas/check_status/index.py

@@ -110,7 +110,7 @@ def handler(event, context):
                     "filename": filename,
                     "download_url": download_url,
                     "architecture": architecture,
-                    "s3_key": s3_key,
+                    # s3_key intentionally omitted — callers only need the presigned URL
                 })
             except ClientError as e:
                 print(f"Failed to generate presigned URL for {s3_key}: {e}")

infrastructure/lambdas/process_build/index.py

@@ -174,7 +174,11 @@ def _update_status(build_id, status, error=None):
 
 def _generate_user_data(build_id, arch, python_version, requirements, single_file, log_group_name):
     """Generate the EC2 user-data bash script for a single-architecture build."""
-    req_escaped = requirements.replace("\\", "\\\\").replace("'", "'\\''")
+    # Base64-encode requirements to prevent heredoc/shell-injection.
+    # Embedding raw user content in a bash heredoc is unsafe: a line matching
+    # the sentinel (REQUIREMENTS_EOF) would break out of the heredoc and allow
+    # arbitrary command execution on the EC2 instance.
+    req_b64 = base64.b64encode(requirements.encode("utf-8")).decode("ascii")
     if arch == "arm64":
         arch_label = "arm64"
         platform = "linux/arm64"
@@ -268,11 +272,9 @@ def _generate_user_data(build_id, arch, python_version, requirements, single_fil
   && echo "$(date): CloudWatch streaming active \u2192 {log_group_name}/{build_id}" \\
   || echo "$(date): WARNING: CloudWatch agent failed to start"
 
-# --- Create requirements file ---
+# --- Create requirements file (base64-encoded to prevent injection) ---
 mkdir -p /build/input /build/output
-cat > /build/input/requirements.txt << 'REQUIREMENTS_EOF'
-{requirements}
-REQUIREMENTS_EOF
+echo '{req_b64}' | base64 -d > /build/input/requirements.txt
 
 echo "$(date): Requirements:"
 cat /build/input/requirements.txt

infrastructure/lambdas/submit_build/index.py

@@ -16,6 +16,7 @@
 import uuid
 import time
 import os
+import re
 import boto3
 
 dynamodb = boto3.resource("dynamodb")
@@ -28,6 +29,7 @@
 VALID_PYTHON_VERSIONS = ["3.10", "3.11", "3.12", "3.13", "3.14"]
 VALID_ARCHITECTURES = ["x86_64", "arm64"]
 MAX_REQUIREMENTS_LENGTH = 10000  # 10KB max
+MAX_ACTIVE_BUILDS = int(os.environ.get("MAX_ACTIVE_BUILDS", "10"))
 
 
 def handler(event, context):
@@ -47,6 +49,10 @@ def handler(event, context):
             "error": f"requirements too large (max {MAX_REQUIREMENTS_LENGTH} chars)"
         })
 
+    req_error = _validate_requirements(requirements)
+    if req_error:
+        return _response(400, {"error": req_error})
+
     python_version = body.get("python_version", "3.13")
     if python_version not in VALID_PYTHON_VERSIONS:
         return _response(400, {
@@ -67,6 +73,35 @@ def handler(event, context):
     if not isinstance(single_file, bool):
         return _response(400, {"error": "single_file must be a boolean"})
 
+    # --- Enforce concurrent-build cap ---
+    # Sum approximate queued + in-flight messages to estimate active builds.
+    # This prevents a single caller from queueing unbounded EC2 Spot launches.
+    try:
+        attrs = sqs.get_queue_attributes(
+            QueueUrl=QUEUE_URL,
+            AttributeNames=[
+                "ApproximateNumberOfMessages",
+                "ApproximateNumberOfMessagesNotVisible",
+            ],
+        )["Attributes"]
+        active = (
+            int(attrs.get("ApproximateNumberOfMessages", 0))
+            + int(attrs.get("ApproximateNumberOfMessagesNotVisible", 0))
+        )
+        if active >= MAX_ACTIVE_BUILDS:
+            return _response(
+                429,
+                {
+                    "error": (
+                        f"Build queue is at capacity ({MAX_ACTIVE_BUILDS} concurrent builds). "
+                        "Please retry later."
+                    )
+                },
+            )
+    except Exception as e:
+        print(f"WARNING: could not check queue depth: {e}")
+        # Fail open — allow the build rather than blocking on a transient error.
+
     # --- Create build record ---
     build_id = str(uuid.uuid4())
     now = int(time.time())
@@ -113,6 +148,47 @@ def handler(event, context):
     })
 
 
+def _validate_requirements(requirements: str):
+    """
+    Validate requirements.txt content.
+
+    Returns an error string if invalid, or None if the content is acceptable.
+
+    Rules:
+    - URL-based installs (git+, http://, https://, file://, vcs+...) are rejected.
+      They bypass PyPI and allow arbitrary code to be pulled from any host.
+    - Recursive includes (-r / --requirement) and constraint files
+      (-c / --constraint) are rejected to prevent file-system reads on the
+      builder instance.
+    - Lines with obvious shell metacharacters (;, |, &, $, `) are rejected
+      as a defence-in-depth measure against injection in downstream tools.
+    """
+    URL_PREFIXES = ("git+", "http://", "https://", "file://", "svn+", "hg+", "bzr+")
+    BLOCKED_FLAGS = ("-r ", "-r\t", "--requirement", "-c ", "-c\t", "--constraint")
+    SHELL_META = re.compile(r'[;|&$`]')
+
+    for lineno, raw_line in enumerate(requirements.splitlines(), 1):
+        line = raw_line.strip()
+        if not line or line.startswith("#"):
+            continue
+        if any(line.startswith(p) for p in URL_PREFIXES):
+            return (
+                f"Line {lineno}: URL-based requirements are not allowed. "
+                "Specify packages by name and version (e.g., requests==2.32.4)."
+            )
+        if any(line.startswith(f) for f in BLOCKED_FLAGS):
+            return (
+                f"Line {lineno}: recursive includes (-r) and constraint files (-c) "
+                "are not allowed."
+            )
+        if SHELL_META.search(line):
+            return (
+                f"Line {lineno}: shell metacharacters (;, |, &, $, `) are not "
+                "allowed in requirements."
+            )
+    return None
+
+
 def _response(status_code, body):
     """Create API Gateway response with CORS headers."""
     return {