Add comprehensive input validation system for security

   This commit implements a complete input validation framework to prevent
   security vulnerabilities and improve application stability:

   Security Features:
   - MFT file validation with magic number checking
   - Path traversal protection for output files
   - Numeric bounds checking to prevent resource exhaustion
   - Buffer overflow prevention in MFT record parsing
   - Configuration schema validation against injection attacks
   - Export format validation with dependency checking

   Key Components:
   - New validators.py module with comprehensive validation functions
   - Integration into CLI with proper error handling and user feedback
   - Buffer overflow protection in MFT record attribute parsing
   - Configuration validation in config.py
   - Comprehensive test suite with 36 test cases covering all scenarios

   Addresses Issue #165: Add comprehensive input validation

Author: rowingdude

src/analyzeMFT/cli.py

@@ -7,6 +7,11 @@
 from .constants import VERSION
 from .config import ConfigManager, find_config_file
 from .test_generator import create_test_mft
+from .validators import (
+    validate_paths_secure, validate_numeric_bounds, validate_export_format,
+    validate_config_schema, ValidationError, MFTValidationError, 
+    PathValidationError, NumericValidationError, ConfigValidationError
+)
 
 async def main():
     # Setup basic logging configuration (will be refined by analyzer)
@@ -208,6 +213,40 @@ async def main():
     if not options.export_format:
         options.export_format = "csv"  
 
+    # ========== INPUT VALIDATION ==========
+    # Comprehensive validation of all inputs before processing
+    try:
+        # Validate numeric parameters
+        validate_numeric_bounds(
+            chunk_size=options.chunk_size,
+            hash_processes=options.hash_processes,
+            test_records=options.test_records,
+            verbosity=options.verbosity,
+            debug=options.debug
+        )
+        
+        # Validate export format and dependencies
+        validate_export_format(options.export_format, options.output_file)
+        
+        # Validate and secure file paths
+        validated_input, validated_output = validate_paths_secure(
+            options.filename, options.output_file
+        )
+        
+        # Update options with validated paths
+        options.filename = str(validated_input)
+        options.output_file = str(validated_output)
+        
+        logging.info("All input validation checks passed successfully")
+        
+    except ValidationError as e:
+        logging.error(f"Validation Error: {e}")
+        sys.exit(1)
+    except Exception as e:
+        logging.error(f"Unexpected error during validation: {e}")
+        sys.exit(1)
+    # ========== END INPUT VALIDATION ==========
+
     try:
         analyzer = MftAnalyzer(
             options.filename, 

src/analyzeMFT/config.py

@@ -4,6 +4,7 @@
 from pathlib import Path
 from typing import Dict, Any, Optional, Union
 from dataclasses import dataclass, asdict
+from .validators import validate_config_schema, ConfigValidationError
 
 try:
     import yaml
@@ -137,11 +138,19 @@ def load_config_file(self, config_path: Union[str, Path]) -> Dict[str, Any]:
 
     def load_profile_from_config(self, config: Dict[str, Any], profile_name: str = "custom") -> AnalysisProfile:
         """Create an AnalysisProfile from configuration dictionary"""
+        # Validate configuration schema first
+        try:
+            validated_config = validate_config_schema(config)
+            self.logger.info(f"Configuration validation successful for profile '{profile_name}'")
+        except ConfigValidationError as e:
+            self.logger.error(f"Configuration validation failed for profile '{profile_name}': {e}")
+            raise
+        
         # Start with default profile
         profile_data = asdict(self.profiles['default'])
 
-        # Update with configuration values
-        profile_data.update(config)
+        # Update with validated configuration values
+        profile_data.update(validated_config)
         profile_data['name'] = profile_name
 
         return AnalysisProfile(**profile_data)

src/analyzeMFT/mft_record.py

@@ -5,6 +5,7 @@
 import logging
 from .constants import *
 from .windows_time import WindowsTime
+from .validators import validate_attribute_length, ValidationError
 
 from typing import Dict, Set, List, Optional, Any, Union
 
@@ -127,6 +128,20 @@ def parse_attributes(self):
                     self.log("End of attributes reached", 3)
                     break
 
+                # Validate attribute length to prevent buffer overruns
+                try:
+                    validate_attribute_length(
+                        attr_len=attr_len,
+                        offset=offset,
+                        record_size=len(self.raw_record),
+                        attr_type=attr_type
+                    )
+                except ValidationError as e:
+                    self.logger.error(f"Attribute validation failed at record {getattr(self, 'recordnum', 'unknown')}: {e}")
+                    # Continue parsing other attributes rather than failing completely
+                    offset += 8  # Skip this attribute header
+                    continue
+                
                 self.attribute_types.add(attr_type)
 
                 if attr_type == STANDARD_INFORMATION_ATTRIBUTE: