[Code Quality] Servy.Core HandleHelper.cs — regex timeout hardcoded to 1s, bypasses AppConfig.InputRegexTimeout convention #801

@Christophe-Rogiers

Severity: Info

File: src/Servy.Core/Helpers/HandleHelper.cs lines 46-49

Description:

Every other regex over untrusted-ish input in the codebase uses AppConfig.InputRegexTimeout (a centralized short ReDoS budget, ~200ms) as the third new Regex(...) argument. HandleHelper.HandleOutputRegex hardcodes its own:

private static readonly Regex HandleOutputRegex = new Regex(
    @"^\s*(?<name>.+?)\s+pid:\s*(?<pid>\d+)",
    RegexOptions.Compiled | RegexOptions.IgnoreCase | RegexOptions.Multiline,
    TimeSpan.FromSeconds(1));

The specific risk is low — the pattern is anchored, and the input is handle.exe's own stdout — but the inconsistency means:

  1. If AppConfig.InputRegexTimeout is tightened globally as a hardening measure, this call site silently won't follow.
  2. New contributors scanning for "how this codebase does regex timeouts" find two answers.

Related: #438 (closed) already refactored this file's regex to static readonly; the same pass should have centralized the timeout.

Suggested fix:

private static readonly Regex HandleOutputRegex = new Regex(
    @"^\s*(?<name>.+?)\s+pid:\s*(?<pid>\d+)",
    RegexOptions.Compiled | RegexOptions.IgnoreCase | RegexOptions.Multiline,
    AppConfig.InputRegexTimeout);

If a longer budget is intentional for handle.exe output (e.g. a huge file has thousands of owners), add a named AppConfig.HandleExeRegexTimeout constant and document the reason.
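
An added example, not part of the issue and not Servy's own code: a reflection check that lists every static Regex field whose MatchTimeout differs from the central budget, so a drifting call site fails a build step instead of being missed. The AppConfig and HandleHelper classes below are stand-ins built from the snippets in the issue (the 200 ms value is assumed from the "~200ms" figure), and RegexTimeoutAudit and FindDrift are hypothetical names.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Reflection;
using System.Text.RegularExpressions;

// Stand-in for the project's AppConfig; 200 ms is an assumed value.
static class AppConfig
{
    public static readonly TimeSpan InputRegexTimeout = TimeSpan.FromMilliseconds(200);
}

// Stand-in mirroring the field as quoted in the issue (hardcoded 1 s).
static class HandleHelper
{
    private static readonly Regex HandleOutputRegex = new Regex(
        @"^\s*(?<name>.+?)\s+pid:\s*(?<pid>\d+)",
        RegexOptions.Compiled | RegexOptions.IgnoreCase | RegexOptions.Multiline,
        TimeSpan.FromSeconds(1));
}

static class RegexTimeoutAudit
{
    // Returns "Type.Field -> timeout" for each static Regex field whose
    // MatchTimeout is not the expected budget. A Regex built without a
    // timeout reports Regex.InfiniteMatchTimeout and is flagged as well.
    public static List<string> FindDrift(Assembly asm, TimeSpan expected)
    {
        const BindingFlags flags = BindingFlags.Static | BindingFlags.Public |
                                   BindingFlags.NonPublic | BindingFlags.DeclaredOnly;

        return asm.GetTypes()
            .Where(t => !t.ContainsGenericParameters) // open generics have no readable statics
            .SelectMany(t => t.GetFields(flags))
            .Where(f => f.FieldType == typeof(Regex))
            .Select(f => (Field: f, Rx: f.GetValue(null) as Regex))
            .Where(x => x.Rx != null && x.Rx.MatchTimeout != expected)
            .Select(x => $"{x.Field.DeclaringType.FullName}.{x.Field.Name} -> {x.Rx.MatchTimeout}")
            .ToList();
    }

    static int Main()
    {
        var drift = FindDrift(typeof(HandleHelper).Assembly, AppConfig.InputRegexTimeout);
        drift.ForEach(Console.WriteLine);
        return drift.Count == 0 ? 0 : 1; // non-zero exit fails a CI step
    }
}
```

A deliberately longer budget, such as the named constant suggested above, would need an explicit allowlist entry in this check, which also forces the reason to be written down.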

Labels

enhancement