max_body: rewrite wrappers to be safer

To avoid denial-of-service attacks, the wrappers need to
intercept requests *before* they hit the memory allocator, so we
need to reimplement the read(all) and gets cases to use
smaller buffers whenever the application does not specify one.

1 files changed, 19 insertions, 5 deletions

diff --git a/t/sha1-random-size.ru b/t/sha1-random-size.ru
index f86d017..4ef5d7b 100644
--- a/t/sha1-random-size.ru
+++ b/t/sha1-random-size.ru
@@ -7,11 +7,25 @@ app = lambda do |env|
     return [ 100, {}, [] ]
   digest = Digest::SHA1.new
   input = env['rack.input']
-  if buf = input.read(rand(cap))
-    begin
-      raise "#{buf.size} > #{cap}" if buf.size > cap
-      digest.update(buf)
-    end while input.read(rand(cap), buf)
+  case env["PATH_INFO"]
+  when "/gets_read_mix"
+    warn "GETS_READ_MIX #{env['HTTP_TRANSFER_ENCODING'].inspect}"
+    if buf = input.gets
+      warn "input.rbuf: #{input.instance_variable_get(:@rbuf).inspect}"
+      begin
+        digest.update(buf)
+        warn "buf.size : #{buf.size}"
+      end while input.read(rand(cap), buf)
+    end
+  when "/each"
+    input.each { |buf| digest.update(buf) }
+  else
+    if buf = input.read(rand(cap))
+      begin
+        raise "#{buf.size} > #{cap}" if buf.size > cap
+        digest.update(buf)
+      end while input.read(rand(cap), buf)
+    end
   end
 
   [ 200, {'Content-Type' => 'text/plain'}, [ digest.hexdigest << "\n" ] ]