From c6ffae22748bc22d5ef88fea2a3ca67f480ee74b Mon Sep 17 00:00:00 2001
From: Eric Wong
Date: Fri, 19 Nov 2010 10:19:45 +0000
Subject: max_body: rewrite wrappers to be safer

To avoid denial-of-service attacks, the wrappers need to intercept requests *before* they hit the memory allocator, so we need to reimplement the read(all) and gets cases to use smaller buffers whenever the application does not specify one.
---
 t/sha1-random-size.ru | 24 +++++++++++++++++++-----
 1 file changed, 19 insertions(+), 5 deletions(-)
(limited to 't/sha1-random-size.ru')

diff --git a/t/sha1-random-size.ru b/t/sha1-random-size.ru
index f86d017..4ef5d7b 100644
--- a/t/sha1-random-size.ru
+++ b/t/sha1-random-size.ru
@@ -7,11 +7,25 @@ app = lambda do |env|
     return [ 100, {}, [] ]
   digest = Digest::SHA1.new
   input = env['rack.input']
-  if buf = input.read(rand(cap))
-    begin
-      raise "#{buf.size} > #{cap}" if buf.size > cap
-      digest.update(buf)
-    end while input.read(rand(cap), buf)
+  case env["PATH_INFO"]
+  when "/gets_read_mix"
+    warn "GETS_READ_MIX #{env['HTTP_TRANSFER_ENCODING'].inspect}"
+    if buf = input.gets
+      warn "input.rbuf: #{input.instance_variable_get(:@rbuf).inspect}"
+      begin
+        digest.update(buf)
+        warn "buf.size : #{buf.size}"
+      end while input.read(rand(cap), buf)
+    end
+  when "/each"
+    input.each { |buf| digest.update(buf) }
+  else
+    if buf = input.read(rand(cap))
+      begin
+        raise "#{buf.size} > #{cap}" if buf.size > cap
+        digest.update(buf)
+      end while input.read(rand(cap), buf)
+    end
   end
   [ 200, {'Content-Type' => 'text/plain'}, [ digest.hexdigest << "\n" ] ]
--
cgit v1.2.3-24-ge0c7
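Review bot: The new `/gets_read_mix` branch drops the `buf.size > cap` assertion that the `else` branch keeps, so an oversized chunk handed back by `input.read(rand(cap), buf)` in the mixed path would be digested silently instead of failing the test, which is the very bound this commit is meant to exercise. Unless lines longer than `cap` are expected to come back from `input.gets` here, mirror the check inside that `begin` loop after the update: `raise "#{buf.size} > #{cap}" if buf.size > cap`. The `warn "input.rbuf: #{input.instance_variable_get(:@rbuf).inspect}"` line also reaches into the wrapper's private state, so the fixture breaks whenever that ivar is renamed; a comment such as `# debug only: peeks at the wrapper's internal read buffer` would make that intent clear, or the line could be dropped once the wrapper is stable. The closing `end` of the `app` lambda lies outside the hunk as shown.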