Potential fix for pull request finding 'CodeQL / Log entries created from user input'

Kanchan-Microsoft · github-advanced-security[bot] · web-flow · commit 54c5638d3bc9 · 2026-04-06T14:43:19.000+05:30
Co-authored-by: Copilot Autofix powered by AI &lt;62310815+github-advanced-security[bot]@users.noreply.github.com&gt;
diff --git a/App/backend-api/Microsoft.GS.DPS.Host/API/KernelMemory/KernelMemory.cs b/App/backend-api/Microsoft.GS.DPS.Host/API/KernelMemory/KernelMemory.cs
@@ -295,24 +295,25 @@ ILogger<KernelMemory> logger
                 var requestId = httpContext.TraceIdentifier;
                 telemetryHelper.SetActivityTag("requestId", requestId);
                 var startTime = DateTimeOffset.UtcNow;
+                var safeDocumentId = (documentId ?? "null").Replace("\r", string.Empty).Replace("\n", string.Empty);
                 
                 // Trace: Delete request received
                 logger.LogInformation("[{RequestId}] Document delete request received. Endpoint: /Documents/{documentId}, DocumentId: {DocumentId}",
-                    requestId, documentId ?? "null");
+                    requestId, safeDocumentId);
                 
                 // Track delete started
                 telemetryHelper.TrackEvent("DocumentDeleteStarted", new Dictionary<string, string>
                 {
                     { "requestId", requestId },
                     { "endpoint", "/Documents/{documentId}" },
-                    { "documentId", documentId }
+                    { "documentId", safeDocumentId }
                 });
                 
                 try
                 {
                     // Trace: Beginning delete operation
                     logger.LogDebug("[{RequestId}] Calling kernel memory to delete document: {DocumentId}",
-                        requestId, documentId);
+                        requestId, safeDocumentId);
                     
                     await kernelMemory.DeleteDocument(documentId);
                     var duration = (DateTimeOffset.UtcNow - startTime).TotalSeconds;
@@ -321,13 +322,13 @@ ILogger<KernelMemory> logger
                     logger.LogInformation("[{RequestId}] Document deleted successfully. Duration: {Duration}s, DocumentId: {DocumentId}",
                         requestId,
                         duration.ToString("F2"),
-                        documentId);
+                        safeDocumentId);
                     
                     telemetryHelper.TrackEvent("DocumentDeleteSuccess", new Dictionary<string, string>
                     {
                         { "requestId", requestId },
                         { "endpoint", "/Documents/{documentId}" },
-                        { "documentId", documentId },
+                        { "documentId", safeDocumentId },
                         { "duration", duration.ToString("F2") }
                     }, new Dictionary<string, double>
                     {
