fix: add io.LimitReader to prevent memory exhaustion

Add io.LimitReader with 5MB limit to all HTTP response body reads
to prevent potential memory exhaustion from maliciously large responses.

Affected files:
- pkg/scan/cms.go
- pkg/scan/subdomaintakeover.go
- pkg/scan/js/scan.go
- pkg/scan/js/supabase.go
vmfunc
2026-01-03 02:58:16 -08:00
parent 3e4fd67588
commit 7ec8c6fb70
3 changed files with 3 additions and 3 deletions
+1 -1
@@ -56,7 +56,7 @@ func CMS(url string, timeout time.Duration, logdir string) (*CMSResult, error) {
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
body, err := io.ReadAll(io.LimitReader(resp.Body, 5*1024*1024))
if err != nil {
return nil, err
}
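Review bot: io.LimitReader on the new line caps the read but truncates silently — a body over 5 MiB comes back as its first 5 MiB with a nil error, so CMS fingerprinting runs on a partial page with no indication that anything was cut; the js/scan.go and subdomaintakeover.go hunks have the same gap. Read one byte past the cap and treat an overflow explicitly: `const maxBodyBytes = 5 << 20`, `body, err := io.ReadAll(io.LimitReader(resp.Body, maxBodyBytes+1))`, then `if len(body) > maxBodyBytes { return nil, fmt.Errorf("response body exceeds %d bytes", maxBodyBytes) }` (the other two hunks would log and skip rather than return, matching their existing error handling; fmt may need importing if the file lacks it). Hoisting the constant somewhere shared would also replace the literal `5*1024*1024` now duplicated across three files. The description lists pkg/scan/js/supabase.go as affected, but the diffstat shows three files and no supabase hunk appears, so any body read there appears still unbounded — worth confirming. CMS's body continues outside the hunk on both sides.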
+1 -1
@@ -110,7 +110,7 @@ func JavascriptScan(url string, timeout time.Duration, threads int, logdir strin
continue
}
bodyBytes, err := io.ReadAll(resp.Body)
bodyBytes, err := io.ReadAll(io.LimitReader(resp.Body, 5*1024*1024))
resp.Body.Close()
if err != nil {
jslog.Errorf("Failed to read script body: %s", err)
+1 -1
@@ -127,7 +127,7 @@ func checkSubdomainTakeover(subdomain string, client *http.Client) (bool, string
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
body, err := io.ReadAll(io.LimitReader(resp.Body, 5*1024*1024))
if err != nil {
return false, ""
}