opensource/kubo
1
0
Fork 0
mirror of https://github.com/ipfs/kubo.git synced 2025-09-10 14:34:24 +08:00
Code Issues Projects Releases Wiki Activity

fix Read call in APIAddr

Browse Source 
* don't assume that Read fills the buffer.
* don't succeed if the API file is too large.

License: MIT
Signed-off-by: Steven Allen <steven@stebalien.com>
This commit is contained in:
Steven Allen
2018-03-07 18:51:39 -08:00
committed by Jakub Sztandera
parent 4002f97724
commit fda2428d36
1 changed files with 12 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
repo/fsrepo/fsrepo.go
View File

@ -324,13 +324,21 @@ func APIAddr(repoPath string) (ma.Multiaddr, error) {
// read up to 2048 bytes. io.ReadAll is a vulnerability, as // read up to 2048 bytes. io.ReadAll is a vulnerability, as
// someone could hose the process by putting a massive file there. // someone could hose the process by putting a massive file there.
buf := make([]byte, 2048) //
n, err := f.Read(buf) // NOTE(@stebalien): @jbenet probably wasn't thinking straight when he
if err != nil && err != io.EOF { // wrote that comment but I'm leaving the limit here in case there was
// some hidden wisdom. However, I'm fixing it such that:
// 1. We don't read too little.
// 2. We don't truncate and succeed.
buf, err := ioutil.ReadAll(io.LimitReader(f, 2048))
if err != nil {
return nil, err return nil, err
} }
if len(buf) == 2048 {
return nil, fmt.Errorf("API file too large, must be <2048 bytes long: %s", apiFilePath)
}
s := string(buf[:n]) s := string(buf)
s = strings.TrimSpace(s) s = strings.TrimSpace(s)
return ma.NewMultiaddr(s) return ma.NewMultiaddr(s)
} }