mirror of
https://github.com/golang/go
synced 2024-11-25 04:07:55 -07:00
mime/multipart: limit line length to prevent abuse
Fixes #1528 R=rsc CC=golang-dev https://golang.org/cl/4425060
This commit is contained in:
parent
256df10eae
commit
ee154f5df5
@ -97,10 +97,11 @@ func newPart(mr *multiReader) (bp *Part, err os.Error) {
|
||||
|
||||
func (bp *Part) populateHeaders() os.Error {
|
||||
for {
|
||||
line, err := bp.mr.bufReader.ReadString('\n')
|
||||
lineBytes, err := bp.mr.bufReader.ReadSlice('\n')
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
line := string(lineBytes)
|
||||
if line == "\n" || line == "\r\n" {
|
||||
return nil
|
||||
}
|
||||
@ -179,11 +180,12 @@ func (mr *multiReader) eof() bool {
|
||||
}
|
||||
|
||||
func (mr *multiReader) readLine() bool {
|
||||
line, err := mr.bufReader.ReadString('\n')
|
||||
lineBytes, err := mr.bufReader.ReadSlice('\n')
|
||||
if err != nil {
|
||||
// TODO: care about err being EOF or not?
|
||||
return false
|
||||
}
|
||||
line := string(lineBytes)
|
||||
mr.bufferedLine = &line
|
||||
return true
|
||||
}
|
||||
|
@ -9,6 +9,7 @@ import (
|
||||
"fmt"
|
||||
"io"
|
||||
"json"
|
||||
"os"
|
||||
"regexp"
|
||||
"strings"
|
||||
"testing"
|
||||
@ -205,3 +206,34 @@ func TestVariousTextLineEndings(t *testing.T) {
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
type maliciousReader struct {
|
||||
t *testing.T
|
||||
n int
|
||||
}
|
||||
|
||||
const maxReadThreshold = 1 << 20
|
||||
|
||||
func (mr *maliciousReader) Read(b []byte) (n int, err os.Error) {
|
||||
mr.n += len(b)
|
||||
if mr.n >= maxReadThreshold {
|
||||
mr.t.Fatal("too much was read")
|
||||
return 0, os.EOF
|
||||
}
|
||||
return len(b), nil
|
||||
}
|
||||
|
||||
func TestLineLimit(t *testing.T) {
|
||||
mr := &maliciousReader{t: t}
|
||||
r := NewReader(mr, "fooBoundary")
|
||||
part, err := r.NextPart()
|
||||
if part != nil {
|
||||
t.Errorf("unexpected part read")
|
||||
}
|
||||
if err == nil {
|
||||
t.Errorf("expected an error")
|
||||
}
|
||||
if mr.n >= maxReadThreshold {
|
||||
t.Errorf("expected to read < %d bytes; read %d", maxReadThreshold, mr.n)
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user