Add limits to HTTP requests
This commit is contained in:
parent
9ee7e522b1
commit
9d69811de9
|
@ -21,6 +21,10 @@ const (
|
|||
ClientMagicLen = 8
|
||||
)
|
||||
|
||||
const (
|
||||
MaxHTTPBodyLength = 4000000
|
||||
)
|
||||
|
||||
var (
|
||||
CertMagic = [4]byte{0x44, 0x4e, 0x53, 0x43}
|
||||
ServerMagic = [8]byte{0x72, 0x36, 0x66, 0x6e, 0x76, 0x57, 0x6a, 0x38}
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
package main
|
||||
|
||||
import (
|
||||
"io"
|
||||
"io/ioutil"
|
||||
"math/rand"
|
||||
"net"
|
||||
|
@ -282,7 +283,7 @@ func (proxy *Proxy) processIncomingQuery(serverInfo *ServerInfo, clientProto str
|
|||
if err != nil {
|
||||
return
|
||||
}
|
||||
response, err = ioutil.ReadAll(resp.Body)
|
||||
response, err = ioutil.ReadAll(io.LimitReader(resp.Body, int64(MaxDNSPacketSize)))
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
|
|
|
@ -5,6 +5,7 @@ import (
|
|||
"encoding/hex"
|
||||
"errors"
|
||||
"fmt"
|
||||
"io"
|
||||
"io/ioutil"
|
||||
"math/rand"
|
||||
"net"
|
||||
|
@ -253,7 +254,7 @@ func (serversInfo *ServersInfo) fetchDoHServerInfo(proxy *Proxy, name string, st
|
|||
if !found && len(stamp.hashes) > 0 {
|
||||
return ServerInfo{}, fmt.Errorf("Certificate hash [%x] not found for [%s]", wantedHash, name)
|
||||
}
|
||||
respBody, err := ioutil.ReadAll(resp.Body)
|
||||
respBody, err := ioutil.ReadAll(io.LimitReader(resp.Body, MaxHTTPBodyLength))
|
||||
if err != nil {
|
||||
return ServerInfo{}, err
|
||||
}
|
||||
|
|
|
@ -4,6 +4,7 @@ import (
|
|||
"encoding/csv"
|
||||
"errors"
|
||||
"fmt"
|
||||
"io"
|
||||
"io/ioutil"
|
||||
"net/http"
|
||||
"net/url"
|
||||
|
@ -90,7 +91,7 @@ func fetchWithCache(xTransport *XTransport, urlStr string, cacheFile string) (in
|
|||
return
|
||||
}
|
||||
var bin []byte
|
||||
bin, err = ioutil.ReadAll(resp.Body)
|
||||
bin, err = ioutil.ReadAll(io.LimitReader(resp.Body, MaxHTTPBodyLength))
|
||||
resp.Body.Close()
|
||||
if err != nil {
|
||||
return
|
||||
|
|
Loading…
Reference in New Issue