[BUG] [Security] validate_port_range() has no upper limit on range size DoS via 1-65535 scan

[Midoriya-w]

Summary

validate_port_range() in backend/secuscan/validation.py accepts any valid port range without limiting the total number of ports. A caller can pass 1-65535 which triggers a full 65,535-port Nmap scan, consuming excessive CPU, memory, and network bandwidth. A single request can cause a denial of service.

Location

backend/secuscan/validation.py — validate_port_range()

Steps to Reproduce

1. Start a scan task with port_range = "1-65535"
2. Observe that validation passes with no error
3. Nmap launches a full port scan — excessive resource consumption

Expected Behavior

Validation should reject port ranges exceeding a configurable maximum (e.g. 1000 ports).

Actual Behavior

No upper limit check exists — any range up to 65535 ports is accepted silently.

Proposed Fix

if (end - start) > settings.max_port_range_size:
    return False, f"Port range too large (max {settings.max_port_range_size} ports)"

[Midoriya-w]

Hey @utksh1 I discovered this bug while auditing the codebase and would love to fix it under GSSoC 2026. Can I get assigned?

[aaniya22]

Hi, I would like to work on this issue under GSSoC'26.
Please assign this to me. Thank you!

[Midoriya-w]

Hey @utksh1! Thanks for the assignment! Could you add the appropriate labels (level:critical, type:security, gssoc:approved) so this counts for GSSoC scoring?

[Midoriya-w]

hey @utksh1 Implemented the fix for excessive port scan ranges causing potential DoS via large scans.

PR submitted: #319

Changes include:
• Added configurable max_port_range_size validation
• Prevented oversized ranges like 1-65535
• Improved validation handling and updated related test cases

All CI checks are now passing