commit ce3101d0169f6a0f483a72a8cf18d7da8359b6d5 Author: Cecylia Bocovich cohosh@torproject.org Date: Fri May 10 15:36:04 2019 -0400
Guard against large reads
This is a fix for #26348
---
 broker/broker.go | 6 +++---
 client/lib/rendezvous.go | 2 +-
 proxy-go/snowflake.go | 2 +-
 3 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/broker/broker.go b/broker/broker.go
index ae27a47..a0ef38a 100644
--- a/broker/broker.go
+++ b/broker/broker.go
@@ -136,7 +136,7 @@ For snowflake proxies to request a client from the Broker.
 */
 func proxyPolls(ctx *BrokerContext, w http.ResponseWriter, r *http.Request) {
 id := r.Header.Get("X-Session-ID")
- body, err := ioutil.ReadAll(r.Body)
+ body, err := ioutil.ReadAll(http.MaxBytesReader(w, r.Body, 100000))
 if nil != err {
 log.Println("Invalid data.")
 w.WriteHeader(http.StatusBadRequest)
@@ -166,7 +166,7 @@ the HTTP response back to the client.
 */
 func clientOffers(ctx *BrokerContext, w http.ResponseWriter, r *http.Request) {
 startTime := time.Now()
- offer, err := ioutil.ReadAll(r.Body)
+ offer, err := ioutil.ReadAll(http.MaxBytesReader(w, r.Body, 100000))
 if nil != err {
 log.Println("Invalid data.")
 w.WriteHeader(http.StatusBadRequest)
@@ -213,7 +213,7 @@ func proxyAnswers(ctx *BrokerContext, w http.ResponseWriter, r *http.Request) {
 w.WriteHeader(http.StatusGone)
 return
 }
- body, err := ioutil.ReadAll(r.Body)
+ body, err := ioutil.ReadAll(http.MaxBytesReader(w, r.Body, 100000))
 if nil != err || nil == body || len(body) <= 0 {
 log.Println("Invalid data.")
 w.WriteHeader(http.StatusBadRequest)
diff --git a/client/lib/rendezvous.go b/client/lib/rendezvous.go
index d04b0b1..e53c51e 100644
--- a/client/lib/rendezvous.go
+++ b/client/lib/rendezvous.go
@@ -91,7 +91,7 @@ func (bc *BrokerChannel) Negotiate(offer *webrtc.SessionDescription) (
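Review bot: The cap `100000` is written as a bare literal in all three broker handlers (proxyPolls, clientOffers, proxyAnswers), so a later edit to one copy can leave another endpoint with a different bound; a package-level constant such as `const readLimit = 100000 // maximum bytes read from an HTTP request body` would keep them in step and document the unit. When the cap is hit, ReadAll returns an error and the existing branch logs `Invalid data.` and answers 400, so an oversized body is indistinguishable from a malformed one in the broker log. Answering `http.StatusRequestEntityTooLarge` for that case and logging it separately would make attempted resource exhaustion visible to an operator; on Go versions that provide it, the error can be matched against `*http.MaxBytesError`. Each handler's body continues outside its hunk, so the later handling of the data is not visible here.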
switch resp.StatusCode {
 case http.StatusOK:
- body, err := ioutil.ReadAll(resp.Body)
+ body, err := ioutil.ReadAll(http.MaxBytesReader(nil, resp.Body, 100000))
 if nil != err {
 return nil, err
 }
diff --git a/proxy-go/snowflake.go b/proxy-go/snowflake.go
index 858320b..ebab790 100644
--- a/proxy-go/snowflake.go
+++ b/proxy-go/snowflake.go
@@ -162,7 +162,7 @@ func pollOffer(sid string) *webrtc.SessionDescription {
 if resp.StatusCode != http.StatusOK {
 log.Printf("broker returns: %d", resp.StatusCode)
 } else {
- body, err := ioutil.ReadAll(resp.Body)
+ body, err := ioutil.ReadAll(http.MaxBytesReader(nil, resp.Body, 100000))
 if err != nil {
 log.Printf("error reading broker response: %s", err)
 } else {
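Review bot: `http.MaxBytesReader` is documented for limiting incoming request bodies on a server, and both client-side calls (in Negotiate here and in pollOffer in proxy-go/snowflake.go) pass `nil` as the ResponseWriter, which appears to rely on net/http tolerating a nil writer rather than on a documented contract. For a response body, a small helper built on `io.LimitedReader` that reads limit+1 bytes and returns an error when the extra byte arrives gives the same bound without that dependency. A plain `io.LimitReader` on its own would truncate silently and hand a cut-off body to the parser. Both function bodies continue outside their hunks, so the handling after the read is only partly visible.

```go
// limitedRead returns at most limit bytes from r and reports
// io.ErrUnexpectedEOF when the peer sent more than that.
func limitedRead(r io.Reader, limit int64) ([]byte, error) {
	p, err := ioutil.ReadAll(&io.LimitedReader{R: r, N: limit + 1})
	if err != nil {
		return p, err
	}
	if int64(len(p)) > limit {
		return p[:limit], io.ErrUnexpectedEOF
	}
	return p, nil
}

// … unchanged: request setup and status check …
body, err := limitedRead(resp.Body, 100000)
```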