fix: add io.LimitReader and proper error handling to shodan.go

Add io.LimitReader with 5MB limit to prevent memory exhaustion and
fix ignored error in queryShodanHost. The error from io.ReadAll was
previously being discarded with _, which could mask read failures.
Celeste Hickenlooper
2026-01-03 02:58:22 -08:00
parent f6e53740f0
commit 3e67164da2


@@ -189,11 +189,14 @@ func queryShodanHost(ip string, apiKey string, timeout time.Duration) (*ShodanRe
}
if resp.StatusCode != http.StatusOK {
body, _ := io.ReadAll(resp.Body)
body, err := io.ReadAll(io.LimitReader(resp.Body, 5*1024*1024))
if err != nil {
return nil, fmt.Errorf("read shodan response: %w", err)
}
return nil, fmt.Errorf("Shodan API error (status %d): %s", resp.StatusCode, string(body))
}
body, err := io.ReadAll(resp.Body)
body, err := io.ReadAll(io.LimitReader(resp.Body, 5*1024*1024))
if err != nil {
return nil, fmt.Errorf("failed to read response: %w", err)
}
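Review bot: In the non-200 branch the new read-failure return, `return nil, fmt.Errorf("read shodan response: %w", err)`, drops `resp.StatusCode`, so a caller or log sees a generic read error instead of the HTTP status that triggered the branch; `return nil, fmt.Errorf("Shodan API error (status %d): reading body: %w", resp.StatusCode, err)` keeps it. That branch also copies up to 5 MiB of remote-controlled body into the error string, so a much smaller cap there (a few KiB) would bound what reaches logs and upstream error handlers. On the success path `io.LimitReader` truncates silently, so an oversized response would presumably surface later as a decode failure rather than a size error (the decoding is outside this hunk); reading one byte past the cap and rejecting when `len(body)` exceeds it makes the condition explicit. The literal `5*1024*1024` appears twice and would read better as one named constant with a comment saying why that size was chosen. queryShodanHost starts and ends outside the hunk.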