Skip to content
Snippets Groups Projects
Closed (moved) Guard against large reads
  • View options
  • Guard against large reads

    • View options
  • Closed (moved) created by David Fifield

    Snowflake code calls ioutil.ReadAll from a socket/HTTP in many places in the code: 1 2 3 4 5.

    These should all get an io.LimitReader or http.MaxBytesReader with a limit of 100 KB or so. Like this one:

    	body, err := ioutil.ReadAll(http.MaxBytesReader(w, req.Body, 100000))
    	if err != nil {
    		http.Error(w, "Bad request.", http.StatusBadRequest)
    		return
    	}

    Attributes

    Activity

    • All activity
    • Comments only
    • History only
    • Newest first
    • Oldest first