From 6eb56a2ec92694283e4b30b353406eb794c54188 Mon Sep 17 00:00:00 2001
From: Brian Goff
Date: Fri, 13 Oct 2017 17:00:39 -0400
Subject: [PATCH] Use limited reader for some `ReadAll` cases.

Prevents a server from sending a large response causing containerd to allocate too much RAM and potentially OOM.

Signed-off-by: Brian Goff
---
 remotes/docker/resolver.go | 3 ++-
 remotes/docker/schema1/converter.go | 4 +++-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/remotes/docker/resolver.go b/remotes/docker/resolver.go
index e331f3ba5..7a1150495 100644
--- a/remotes/docker/resolver.go
+++ b/remotes/docker/resolver.go
@@ -4,6 +4,7 @@ import (
 "context"
 "encoding/json"
 "fmt"
+ "io"
 "io/ioutil"
 "net/http"
 "net/textproto"
@@ -498,7 +499,7 @@ func (r *dockerBase) fetchTokenWithOAuth(ctx context.Context, to tokenOptions) (
 if (resp.StatusCode == 405 && r.username != "") || resp.StatusCode == 404 {
 return r.getToken(ctx, to)
 } else if resp.StatusCode < 200 || resp.StatusCode >= 400 {
- b, _ := ioutil.ReadAll(resp.Body)
+ b, _ := ioutil.ReadAll(io.LimitReader(resp.Body, 64000)) // 64KB
 log.G(ctx).WithFields(logrus.Fields{
 "status": resp.Status,
 "body": string(b),
diff --git a/remotes/docker/schema1/converter.go b/remotes/docker/schema1/converter.go
index f52d182b5..b5e52cd82 100644
--- a/remotes/docker/schema1/converter.go
+++ b/remotes/docker/schema1/converter.go
@@ -26,6 +26,8 @@ import (
 "github.com/pkg/errors"
 )
 
+const manifestSizeLimit = 8e6 // 8MB
+
 var (
 mediaTypeManifest = "application/vnd.docker.distribution.manifest.v1+json"
 )
@@ -177,7 +179,7 @@ func (c *Converter) fetchManifest(ctx context.Context, desc ocispec.Descriptor)
 return err
 }
 
- b, err := ioutil.ReadAll(rc)
+ b, err := ioutil.ReadAll(io.LimitReader(rc, manifestSizeLimit)) // limit to 8MB
 rc.Close()
 if err != nil {
 return err
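Review bot: The cap on the error-body read in fetchTokenWithOAuth is a bare literal, `64000`, while the sibling change in converter.go hoists its limit into a named constant (`manifestSizeLimit`); the two new limits should follow one convention. I would name it too, e.g. `const errBodyLimit = 64000 // cap on error bodies we echo into logs` at package scope and `b, _ := ioutil.ReadAll(io.LimitReader(resp.Body, errBodyLimit))`, which also lets the comment explain why the body is bounded (it is only logged) instead of restating the number. Note the trailing `// 64KB` is slightly off: 64000 bytes is 64 kB, not 64 KiB (65536). The enclosing fetchTokenWithOAuth starts and ends outside the hunk, and the pre-existing discard of the ReadAll error is left as is here.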
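Review bot: Wrapping `rc` in `io.LimitReader(rc, manifestSizeLimit)` silently truncates any manifest larger than 8MB: ReadAll returns the first 8MB with a nil error, so fetchManifest continues with a partial body and the oversize condition is only surfaced, if at all, by whatever later fails on the truncated bytes. The bound should be an explicit error: read up to `manifestSizeLimit+1` bytes and reject the manifest when more than the limit arrived, so callers get a clear "too large" failure rather than a confusing parse or digest error. This makes the limit observable in logs and tests as well. Since `manifestSizeLimit` is declared as `8e6` (an untyped float constant), I would also declare it `const manifestSizeLimit int64 = 8e6` so its intent as a byte count is explicit. fetchManifest starts and ends outside the hunk.
```go
	b, err := ioutil.ReadAll(io.LimitReader(rc, manifestSizeLimit+1))
	rc.Close()
	if err != nil {
		return err
	}
	// Reading one byte past the limit lets us distinguish "exactly at the
	// limit" from "truncated", so an oversize manifest is rejected instead of
	// being processed as a partial body.
	if int64(len(b)) > manifestSizeLimit {
		return errors.Errorf("manifest exceeds size limit of %d bytes", manifestSizeLimit)
	}
	// … unchanged: remainder of fetchManifest …
```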