From 92f369f444290757b9d36618042eb4508ffed722 Mon Sep 17 00:00:00 2001
From: Sungkyu Yoo
Date: Sun, 19 Apr 2026 22:31:38 +0900
Subject: [PATCH 1/2] Potential fix for code scanning alert no. 21: Slice memory allocation with excessive size value
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 internal/services/kinesis/provider.go | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/internal/services/kinesis/provider.go b/internal/services/kinesis/provider.go
index a6480d5..ca32bbb 100644
--- a/internal/services/kinesis/provider.go
+++ b/internal/services/kinesis/provider.go
@@ -194,11 +194,15 @@ func (p *Provider) GetMetrics(_ context.Context) (*plugin.ServiceMetrics, error)
 // --- Stream CRUD ---
 
 func (p *Provider) createStream(params map[string]any) (*plugin.Response, error) {
+ const maxShardCount = 1024
 name, _ := params["StreamName"].(string)
 if name == "" {
 return jsonErr("ValidationException", "StreamName is required", http.StatusBadRequest), nil
 }
 shardCount := intParam(params, "ShardCount", 1)
+ if shardCount <= 0 || shardCount > maxShardCount {
+ return jsonErr("ValidationException", "ShardCount must be between 1 and 1024", http.StatusBadRequest), nil
+ }
 mode := "PROVISIONED"
 if md, ok := params["StreamModeDetails"].(map[string]any); ok {
 if m, ok := md["StreamMode"].(string); ok && m != "" {
From a47b362455f86495c35c6322ad73a10447936b57 Mon Sep 17 00:00:00 2001
From: Sung-Kyu Yoo
Date: Tue, 21 Apr 2026 01:32:36 +0900
Subject: [PATCH 2/2] fix: use maxShardCount constant in error message instead of hardcoded 1024
---
 internal/services/kinesis/provider.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/internal/services/kinesis/provider.go b/internal/services/kinesis/provider.go
index ca32bbb..9e4e04c 100644
--- a/internal/services/kinesis/provider.go
+++ b/internal/services/kinesis/provider.go
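Review bot: `maxShardCount` is declared inside `createStream`, so the cap protects only this one entry point and nothing records why 1024 was chosen. If any other handler in provider.go sizes an allocation from a request-supplied count (none is visible in this hunk), it cannot reuse the limit; hoisting the constant to package level with a comment such as `// maxShardCount caps the request-supplied ShardCount so per-stream shard allocation stays bounded.` would make the bound reusable and auditable. The range check also relies on `intParam`, which is defined outside the hunk: if it falls back to the default 1 for a non-numeric value, a malformed ShardCount is accepted as 1 instead of being rejected, which is worth confirming. createStream's body continues past the end of the hunk.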
@@ -201,7 +201,7 @@ func (p *Provider) createStream(params map[string]any) (*plugin.Response, error)
 }
 shardCount := intParam(params, "ShardCount", 1)
 if shardCount <= 0 || shardCount > maxShardCount {
- return jsonErr("ValidationException", "ShardCount must be between 1 and 1024", http.StatusBadRequest), nil
+ return jsonErr("ValidationException", fmt.Sprintf("ShardCount must be between 1 and %d", maxShardCount), http.StatusBadRequest), nil
 }
 mode := "PROVISIONED"
 if md, ok := params["StreamModeDetails"].(map[string]any); ok {
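Review bot: `fmt.Sprintf` is introduced on the rewritten return line, but the commit changes only that one line, so `fmt` has to be imported by provider.go already; the import block is outside this hunk and should be confirmed with a build. Neither commit in the series adds a test for the new bound, so a table test over ShardCount values 0, 1, 1024 and 1025 would pin both the limit and the formatted message. createStream starts and ends outside the hunk.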