From fd638228c5eb0b482a5a3df8957efb51e05d8656 Mon Sep 17 00:00:00 2001 From: Dimitri Sokolyuk Date: Mon, 23 Jul 2018 18:58:06 +0200 Subject: limit input --- href.go | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/href.go b/href.go index 6db1347..b6c5368 100644 --- a/href.go +++ b/href.go @@ -2,6 +2,7 @@ package main import ( "errors" + "io" "net/http" "strings" @@ -31,6 +32,8 @@ func title(n *html.Node) (string, error) { return "", errNoTitle } +const maxLength = 10 * 1024 * 1024 // 10MB + func getTitle(uri string) (string, error) { resp, err := http.Get(uri) if err != nil { @@ -43,11 +46,11 @@ func getTitle(uri string) (string, error) { return "", errNotHTML } - if resp.ContentLength > 10*1024*1024 { + if resp.ContentLength > maxLength { return "", errTooBig } - r, err := charset.NewReader(resp.Body, ct) + r, err := charset.NewReader(io.LimitReader(resp.Body, maxLength), ct) if err != nil { return "", err } -- cgit v1.2.3