From d0d0d4dc761309948b9f8e004a62861019ca670a Mon Sep 17 00:00:00 2001
From: kj
Date: Thu, 20 Feb 2025 08:22:47 -0300
Subject: [PATCH] Verify if a valid http query string after run parse_str.
---
 src/Libs/Request.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/Libs/Request.php b/src/Libs/Request.php
index c837afa..a483a01 100644
--- a/src/Libs/Request.php
+++ b/src/Libs/Request.php
@@ -47,8 +47,9 @@ class Request extends Neuron {
 );
 else {
 $this->json = new Neuron();
- if (in_array($_SERVER['REQUEST_METHOD'], ['PUT', 'PATCH', 'DELETE'])) {
- parse_str(file_get_contents("php://input"), $input_vars);
+ if (in_array($_SERVER['REQUEST_METHOD'], ['PUT', 'PATCH', 'DELETE']) &&
+ preg_match('/^[^;?\/:@&=+$,]{1,255}[=]/', $this->body, $matches)) { // Con la expresión regular verificamos que sea un http query string válido y evitamos errores de memoria en caso de que el body tenga algo más grande que eso.
+ parse_str($this->body, $input_vars);
 $this->{strtolower($_SERVER['REQUEST_METHOD'])} = new Neuron($input_vars);
 }
 }
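Review bot: The `preg_match` guard on the new `if` is anchored only at the start, so it checks that the body begins with one key of up to 255 characters followed by `=` and says nothing about what follows; a body of `a=` plus arbitrarily much data still reaches `parse_str`, which is not the bound the inline comment describes. If the intent is to cap the work done here, an explicit length test states it directly, e.g. `strlen($this->body) <= $maxFormBytes &&` (placeholder name for a project-chosen limit) ahead of the regex, and the unused `$matches` argument can be dropped. When the guard fails, the `put`/`patch`/`delete` property is no longer assigned at all, where before it was always a `Neuron`, so an `else` that assigns an empty `new Neuron()` would keep callers working. `$this->body` is set outside this hunk, so whether it is populated and already size-limited before this point cannot be confirmed from here.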