From 7fee1e27412463ab54c548949aff2dbe4abf95b5 Mon Sep 17 00:00:00 2001
From: Eric Wong
Date: Sun, 6 Mar 2016 02:09:22 +0000
Subject: http: reject excessively large HTTP request bodies

We cannot risk using all of a users' disk space buffering gigantic requests. Use the defaults git gives us since we primarily host git repositories.
---
 t/httpd-corner.t | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
(limited to 't')

diff --git a/t/httpd-corner.t b/t/httpd-corner.t
index 8670846c..59f37aa9 100644
--- a/t/httpd-corner.t
+++ b/t/httpd-corner.t
@@ -97,6 +97,27 @@ my $spawn_httpd = sub {
 like($head, qr/\b400\b/, 'got 400 response');
 }
 
+{
+ my $conn = conn_for($sock, 'excessive body Content-Length');
+ $SIG{PIPE} = 'IGNORE';
+ my $n = (10 * 1024 * 1024) + 1;
+ $conn->write("PUT /sha1 HTTP/1.0\r\nContent-Length: $n\r\n\r\n");
+ ok($conn->read(my $buf, 8192), 'read response');
+ my ($head, $body) = split(/\r\n\r\n/, $buf);
+ like($head, qr/\b413\b/, 'got 413 response');
+}
+
+{
+ my $conn = conn_for($sock, 'excessive body chunked');
+ $SIG{PIPE} = 'IGNORE';
+ my $n = (10 * 1024 * 1024) + 1;
+ $conn->write("PUT /sha1 HTTP/1.1\r\nTransfer-Encoding: chunked\r\n");
+ $conn->write("\r\n".sprintf("%x\r\n", $n));
+ ok($conn->read(my $buf, 8192), 'read response');
+ my ($head, $body) = split(/\r\n\r\n/, $buf);
+ like($head, qr/\b413\b/, 'got 413 response');
+}
+
 # Unix domain sockets
 {
 my $u = IO::Socket::UNIX->new(Type => SOCK_STREAM, Peer => $upath);
-- 
cgit v1.2.3-24-ge0c7
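Review bot: The 'excessive body chunked' block only announces one chunk of 10 MiB + 1, so it does not show that the limit is enforced on the running total when a body arrives as many chunks that are each under the limit. The server-side change is not visible here (the diff is limited to `t`), so this may already be handled; a third block that writes several smaller chunks summing past the limit and expects 413 would pin it, and a request at exactly `10 * 1024 * 1024` would confirm the boundary is not off by one. Separately, both new blocks assign `$SIG{PIPE} = 'IGNORE';` without `local`, so the handler stays changed for every later test in the file; `local $SIG{PIPE} = 'IGNORE';` would confine it to the bare block. The unused `$body` in both `split` lines could be dropped, and a comment such as `# limit mirrors git's default; keep in sync with the server` next to `$n` would explain the magic number.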