`94095a9`

limit control request size

Authored by mfwolffe <wolffemf@dukes.jmu.edu> 2 months ago

SHA: 94095a97be70e4083c7be23324de6b85e6610682
Parents: 4b69bf1
Tree: 9ac97e0

1 changed file

Status	File	+	-
M	`garwarp/src/daemon.rs`	51	3

garwarp/src/daemon.rsmodified

  use std::fs;
 -use std::io::{self, BufRead, BufReader, Write};
 +use std::io::{self, BufRead, BufReader, Read, Write};
  use std::os::unix::net::{UnixListener, UnixStream};
  use std::thread;
  use std::time::{Duration, Instant};
  use crate::validate::{validate_request_id, validate_request_identity};
  use crate::window::parse_optional_parent_window;
 +const MAX_CONTROL_LINE_BYTES: usize = 4096;
++
  pub fn run() -> io::Result<()> {
      let config = Config::from_env();
      let paths = RuntimePaths::from_env();
  fn handle_connection(stream: UnixStream, state: &mut DaemonState) -> io::Result<()> {
      let mut reader = BufReader::new(stream);
      let mut line = String::new();
 -    reader.read_line(&mut line)?;
 +    let bytes_read = {
 +        let mut limited = reader.by_ref().take((MAX_CONTROL_LINE_BYTES + 1) as u64);
 +        limited.read_line(&mut line)?
 +    };
++
 +    if bytes_read > MAX_CONTROL_LINE_BYTES {
 +        let mapping = map_portal_error(&PortalError::InvalidRequestPayload);
 +        return write_response(
 +            reader.into_inner(),
 +            ControlResponse::Error {
 +                code: mapping.code as u32,
 +                reason: mapping.reason.to_string(),
 +            },
 +        );
 +    }
      let response = match ControlRequest::parse_line(&line) {
          Some(ControlRequest::Status) => ControlResponse::Status(StatusResponse {
  #[cfg(test)]
  mod tests {
 -    use super::{DaemonState, handle_connection, load_registry_with_recovery};
 +    use super::{
 +        DaemonState, MAX_CONTROL_LINE_BYTES, handle_connection, load_registry_with_recovery,
 +    };
      use garwarp_ipc::{ControlResponse, HealthStatus};
      use std::fs;
      use std::io::{BufRead, BufReader, Write};
          );
+     }
 +    #[test]
 +    fn oversized_request_maps_to_invalid_request() {
 +        let (mut client, server) = UnixStream::pair().expect("pair should be created");
 +        let oversized = format!("{}\n", "x".repeat(MAX_CONTROL_LINE_BYTES + 1));
 +        client
 +            .write_all(oversized.as_bytes())
 +            .expect("oversized request should be written");
++
 +        let mut state = DaemonState {
 +            health: HealthStatus::Healthy,
 +            requests: RequestRegistry::new(Duration::from_secs(5)),
 +            running: true,
 +        };
 +        handle_connection(server, &mut state).expect("request should be handled");
++
 +        let mut response_line = String::new();
 +        let mut reader = BufReader::new(client);
 +        reader
 +            .read_line(&mut response_line)
 +            .expect("response should be readable");
 +        let response = ControlResponse::parse_line(&response_line).expect("response should parse");
 +        assert_eq!(
 +            response,
 +            ControlResponse::Error {
 +                code: 2,
 +                reason: "invalid_request".to_string(),
 +            }
 +        );
 +    }
++
      #[test]
      fn duplicate_request_fields_map_to_invalid_request() {
          let (mut client, server) = UnixStream::pair().expect("pair should be created");