diff options
author | Eric Wong <normalperson@yhbt.net> | 2010-11-19 10:19:45 +0000 |
---|---|---|
committer | Eric Wong <normalperson@yhbt.net> | 2010-11-19 16:59:01 -0800 |
commit | c6ffae22748bc22d5ef88fea2a3ca67f480ee74b (patch) | |
tree | d64947098657f2bbdbca04a6db2e43645060a223 /lib/rainbows/max_body/rewindable_wrapper.rb | |
parent | 3cee07d750f678af92318c14110c803be3f9b97f (diff) | |
download | rainbows-c6ffae22748bc22d5ef88fea2a3ca67f480ee74b.tar.gz |
To avoid denial-of-service attacks, the wrappers need to intercept requests *before* they hit the memory allocator, so we need to reimplement the read(all) and gets cases to use smaller buffers whenever the application does not specify one.
Diffstat (limited to 'lib/rainbows/max_body/rewindable_wrapper.rb')
-rw-r--r-- | lib/rainbows/max_body/rewindable_wrapper.rb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/lib/rainbows/max_body/rewindable_wrapper.rb b/lib/rainbows/max_body/rewindable_wrapper.rb index b52726e..5693ead 100644 --- a/lib/rainbows/max_body/rewindable_wrapper.rb +++ b/lib/rainbows/max_body/rewindable_wrapper.rb @@ -8,6 +8,7 @@ class Rainbows::MaxBody::RewindableWrapper < Rainbows::MaxBody::Wrapper def rewind @limit = @orig_limit + @rbuf = '' @input.rewind end |