Commit ee154f5d authored by Brad Fitzpatrick's avatar Brad Fitzpatrick

mime/multipart: limit line length to prevent abuse

Fixes #1528

R=rsc
CC=golang-dev
https://golang.org/cl/4425060
parent 256df10e
......@@ -97,10 +97,11 @@ func newPart(mr *multiReader) (bp *Part, err os.Error) {
func (bp *Part) populateHeaders() os.Error {
for {
line, err := bp.mr.bufReader.ReadString('\n')
lineBytes, err := bp.mr.bufReader.ReadSlice('\n')
if err != nil {
return err
}
line := string(lineBytes)
if line == "\n" || line == "\r\n" {
return nil
}
......@@ -179,11 +180,12 @@ func (mr *multiReader) eof() bool {
}
func (mr *multiReader) readLine() bool {
line, err := mr.bufReader.ReadString('\n')
lineBytes, err := mr.bufReader.ReadSlice('\n')
if err != nil {
// TODO: care about err being EOF or not?
return false
}
line := string(lineBytes)
mr.bufferedLine = &line
return true
}
......
......@@ -9,6 +9,7 @@ import (
"fmt"
"io"
"json"
"os"
"regexp"
"strings"
"testing"
......@@ -205,3 +206,34 @@ func TestVariousTextLineEndings(t *testing.T) {
}
}
type maliciousReader struct {
t *testing.T
n int
}
const maxReadThreshold = 1 << 20
func (mr *maliciousReader) Read(b []byte) (n int, err os.Error) {
mr.n += len(b)
if mr.n >= maxReadThreshold {
mr.t.Fatal("too much was read")
return 0, os.EOF
}
return len(b), nil
}
func TestLineLimit(t *testing.T) {
mr := &maliciousReader{t: t}
r := NewReader(mr, "fooBoundary")
part, err := r.NextPart()
if part != nil {
t.Errorf("unexpected part read")
}
if err == nil {
t.Errorf("expected an error")
}
if mr.n >= maxReadThreshold {
t.Errorf("expected to read < %d bytes; read %d", maxReadThreshold, mr.n)
}
}
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment