github/containerd
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

Merge pull request #1645 from cpuguy83/limited_reader

Browse Source 
Use limited reader for some `ReadAll` cases.
This commit is contained in:
Phil Estes
2017-10-18 11:56:14 +02:00
committed by GitHub
parent 70b5668351 6eb56a2ec9
commit ca63e6d10f
2 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
remotes/docker/resolver.go
View File

@@ -4,6 +4,7 @@ import (
"context" "context"
"encoding/json" "encoding/json"
"fmt" "fmt"
"io"
"io/ioutil" "io/ioutil"
"net/http" "net/http"
"net/textproto" "net/textproto"
@@ -498,7 +499,7 @@ func (r *dockerBase) fetchTokenWithOAuth(ctx context.Context, to tokenOptions) (
if (resp.StatusCode == 405 && r.username != "") || resp.StatusCode == 404 { if (resp.StatusCode == 405 && r.username != "") || resp.StatusCode == 404 {
return r.getToken(ctx, to) return r.getToken(ctx, to)
} else if resp.StatusCode < 200 || resp.StatusCode >= 400 { } else if resp.StatusCode < 200 || resp.StatusCode >= 400 {
b, _ := ioutil.ReadAll(resp.Body) b, _ := ioutil.ReadAll(io.LimitReader(resp.Body, 64000)) // 64KB
log.G(ctx).WithFields(logrus.Fields{ log.G(ctx).WithFields(logrus.Fields{
"status": resp.Status, "status": resp.Status,
"body": string(b), "body": string(b),

4
remotes/docker/schema1/converter.go
View File

@@ -26,6 +26,8 @@ import (
"github.com/pkg/errors" "github.com/pkg/errors"
) )
const manifestSizeLimit = 8e6 // 8MB
var ( var (
mediaTypeManifest = "application/vnd.docker.distribution.manifest.v1+json" mediaTypeManifest = "application/vnd.docker.distribution.manifest.v1+json"
) )
@@ -177,7 +179,7 @@ func (c *Converter) fetchManifest(ctx context.Context, desc ocispec.Descriptor)
return err return err
} }
b, err := ioutil.ReadAll(rc) b, err := ioutil.ReadAll(io.LimitReader(rc, manifestSizeLimit)) // limit to 8MB
rc.Close() rc.Close()
if err != nil { if err != nil {
return err return err