Potential fix for pull request finding 'CodeQL / Log entries created from user input'

Kanchan-Microsoft · github-advanced-security[bot] · web-flow · commit 33d4660ed8d8 · 2026-04-03T11:36:53.000+05:30
Co-authored-by: Copilot Autofix powered by AI &lt;62310815+github-advanced-security[bot]@users.noreply.github.com&gt;
diff --git a/App/backend-api/Microsoft.GS.DPS.Host/API/KernelMemory/KernelMemory.cs b/App/backend-api/Microsoft.GS.DPS.Host/API/KernelMemory/KernelMemory.cs
@@ -152,12 +152,17 @@ ILogger<KernelMemory> logger
                 #pragma warning disable CA1031 // Must catch all to log and keep the process alive
                 catch (Exception ex)
                 {
-                    logger.LogError(ex, "Error deleting document: {DocumentId}. RequestId: {RequestId}", documentId, requestId);
+                    var sanitizedDocumentId = (documentId ?? string.Empty)
+                        .Replace(Environment.NewLine, string.Empty)
+                        .Replace("\n", string.Empty)
+                        .Replace("\r", string.Empty);
+
+                    logger.LogError(ex, "Error deleting document: {DocumentId}. RequestId: {RequestId}", sanitizedDocumentId, requestId);
                     telemetryHelper.TrackException(ex, new Dictionary<string, string>
                     {
                         { "requestId", requestId },
                         { "endpoint", "/Documents/{documentId}" },
-                        { "documentId", documentId },
+                        { "documentId", sanitizedDocumentId },
                         { "errorType", ex.GetType().Name }
                     });
                     return Results.BadRequest(new DocumentDeletedResult() { IsDeleted = false });
