Software / code / prosody
Changeset
7577:3dc52f1778db
net.http.parser: Add a limit on maximum buffer size, default to 20M
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Thu, 18 Aug 2016 14:48:42 +0200 |
| parents | 7576:d3646443a02e |
| children | 7578:65bf55fdf971 |
| files | net/http/parser.lua |
| diffstat | 1 files changed, 2 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/net/http/parser.lua Thu Aug 18 14:47:58 2016 +0200 +++ b/net/http/parser.lua Thu Aug 18 14:48:42 2016 +0200 @@ -30,6 +30,7 @@ if not parser_type or parser_type == "server" then client = false; else assert(parser_type == "client", "Invalid parser type"); end local buf, buflen, buftable = {}, 0, true; local bodylimit = 10*1024*1024; + local buflimit = bodylimit * 2; local chunked, chunk_size, chunk_start; local state = nil; local packet; @@ -56,6 +57,7 @@ buftable = true; end buflen = buflen + #data; + if buflen > buflimit then error = true; return error_cb("max-buffer-size-exceeded"); end while buflen > 0 do if state == nil then -- read request if buftable then buf, buftable = t_concat(buf), false; end
