mirror of
https://github.com/astaxie/beego.git
synced 2024-11-26 05:01:28 +00:00
Merge pull request #1486 from KilledKenny/oomDos
Added MaxMemory limit to CopyBody() Supersedes #1484
This commit is contained in:
commit
2aa50c240f
@ -17,6 +17,7 @@ package context
|
|||||||
import (
|
import (
|
||||||
"bytes"
|
"bytes"
|
||||||
"errors"
|
"errors"
|
||||||
|
"io"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
"net/url"
|
"net/url"
|
||||||
"reflect"
|
"reflect"
|
||||||
@ -313,8 +314,9 @@ func (input *BeegoInput) Session(key interface{}) interface{} {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// CopyBody returns the raw request body data as bytes.
|
// CopyBody returns the raw request body data as bytes.
|
||||||
func (input *BeegoInput) CopyBody() []byte {
|
func (input *BeegoInput) CopyBody(MaxMemory int64) []byte {
|
||||||
requestbody, _ := ioutil.ReadAll(input.Context.Request.Body)
|
safe := &io.LimitedReader{R:input.Context.Request.Body, N:MaxMemory}
|
||||||
|
requestbody, _ := ioutil.ReadAll(safe)
|
||||||
input.Context.Request.Body.Close()
|
input.Context.Request.Body.Close()
|
||||||
bf := bytes.NewBuffer(requestbody)
|
bf := bytes.NewBuffer(requestbody)
|
||||||
input.Context.Request.Body = ioutil.NopCloser(bf)
|
input.Context.Request.Body = ioutil.NopCloser(bf)
|
||||||
|
@ -653,7 +653,7 @@ func (p *ControllerRegister) ServeHTTP(rw http.ResponseWriter, r *http.Request)
|
|||||||
|
|
||||||
if r.Method != "GET" && r.Method != "HEAD" {
|
if r.Method != "GET" && r.Method != "HEAD" {
|
||||||
if BConfig.CopyRequestBody && !context.Input.IsUpload() {
|
if BConfig.CopyRequestBody && !context.Input.IsUpload() {
|
||||||
context.Input.CopyBody()
|
context.Input.CopyBody(BConfig.MaxMemory)
|
||||||
}
|
}
|
||||||
context.Input.ParseFormOrMulitForm(BConfig.MaxMemory)
|
context.Input.ParseFormOrMulitForm(BConfig.MaxMemory)
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user