validate content length

46ca9531 · Davies Liu · b33b7a45 · 46ca9531 · 46ca9531 · 46ca9531
隐藏空白更改
内联并排

Showing with 12 addition and 0 deletion

object/cos.go object/cos.go +3 -0

object/mss.go object/mss.go +3 -0

object/speedy.go object/speedy.go +3 -0

object/ufile.go object/ufile.go +3 -0

未找到文件。
--- a/object/cos.go
+++ b/object/cos.go
@@ -88,6 +88,9 @@ func (c *COS) Copy(dst, src string) error {

 func (c *COS) parseResult(resp *http.Response, out interface{}) error {
 	defer resp.Body.Close()
+	if resp.ContentLength <= 0 || resp.ContentLength > (1<<31) {
+		return fmt.Errorf("invalid content length: %d", resp.ContentLength)
+	}
 	data := make([]byte, resp.ContentLength)
 	if _, err := io.ReadFull(resp.Body, data); err != nil {
 		return err

--- a/object/mss.go
+++ b/object/mss.go
@@ -94,6 +94,9 @@ func (c *mss) List(prefix, marker string, limit int64) ([]*Object, error) {
 	if resp.StatusCode != 200 {
 		return nil, parseError(resp)
 	}
+	if resp.ContentLength <= 0 || resp.ContentLength > (1<<31) {
+		return nil, fmt.Errorf("invalid content length: %d", resp.ContentLength)
+	}
 	data := make([]byte, resp.ContentLength)
 	if _, err := io.ReadFull(resp.Body, data); err != nil {
 		return nil, err

--- a/object/speedy.go
+++ b/object/speedy.go
@@ -49,6 +49,9 @@ func (s *speedy) List(prefix, marker string, limit int64) ([]*Object, error) {
 	if resp.StatusCode != 200 {
 		return nil, parseError(resp)
 	}
+	if resp.ContentLength <= 0 || resp.ContentLength > (1<<31) {
+		return nil, fmt.Errorf("invalid content length: %d", resp.ContentLength)
+	}
 	data := make([]byte, resp.ContentLength)
 	if _, err := io.ReadFull(resp.Body, data); err != nil {
 		return nil, err

--- a/object/ufile.go
+++ b/object/ufile.go
@@ -54,6 +54,9 @@ func ufileSigner(req *http.Request, accessKey, secretKey, signName string) {

 func (u *ufile) parseResp(resp *http.Response, out interface{}) error {
 	defer resp.Body.Close()
+	if resp.ContentLength <= 0 || resp.ContentLength > (1<<31) {
+		return fmt.Errorf("invalid content length: %d", resp.ContentLength)
+	}
 	data := make([]byte, resp.ContentLength)
 	if _, err := io.ReadFull(resp.Body, data); err != nil {
 		return err