Harden zip reader and syslog scan

internal/parser/archive.go

@@ -13,6 +13,7 @@ import (
 )
 
 const maxSingleFileSize = 10 * 1024 * 1024
+const maxZipArchiveSize = 50 * 1024 * 1024
 
 // ExtractedFile represents a file extracted from archive
 type ExtractedFile struct {
@@ -222,11 +223,14 @@ func extractZip(archivePath string) ([]ExtractedFile, error) {
 }
 
 func extractZipFromReader(r io.Reader) ([]ExtractedFile, error) {
-	// Read all data into memory
-	data, err := io.ReadAll(r)
+	// Read all data into memory with a hard cap
+	data, err := io.ReadAll(io.LimitReader(r, maxZipArchiveSize+1))
 	if err != nil {
 		return nil, fmt.Errorf("read zip data: %w", err)
 	}
+	if len(data) > maxZipArchiveSize {
+		return nil, fmt.Errorf("zip too large: max %d bytes", maxZipArchiveSize)
+	}
 
 	// Create a ReaderAt from the byte slice
 	readerAt := bytes.NewReader(data)