commit 375b6ea0483bdf3c214f2b668ef8b1f018de418f
parent 53e870e117cf2985eca8a6247b62fb1f4f0ff8b4
Author: William Casarin <jb55@jb55.com>
Date: Thu, 14 Jan 2021 10:30:49 -0800
restrict AP message size
Diffstat:
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/src/wolfsocks.c b/src/wolfsocks.c
@@ -146,6 +146,7 @@ static int handle_inbox_request(struct http_req *req, struct cursor *arena)
const char *signature;
unsigned char *start;
FILE *out;
+ int len;
struct sig_header sig;
struct json_parser pull;
struct json_pusher push;
@@ -173,6 +174,7 @@ static int handle_inbox_request(struct http_req *req, struct cursor *arena)
start = arena->p;
init_json_pusher_with(&push, arena);
+
if (!parse_json(req->body, req->body_len, &pull, &compact)) {
note_error(&req->errs, "json parse failed");
return 0;
@@ -183,7 +185,15 @@ static int handle_inbox_request(struct http_req *req, struct cursor *arena)
return 0;
}
- fwrite(start, arena->p - start, 1, out);
+ len = push.cur.p - start;
+
+ // 128 KB
+ if (len >= 131072) {
+ note_error(&req->errs, "ActivityPub message too big");
+ return 0;
+ }
+
+ fwrite(start, len, 1, out);
fwrite("\n", 1, 1, out);
fclose(out);
