io: Add functions to read to the end of a reader
The `std::io::Read` trait includes `read_to_end` but that method provides a denial of service attack vector since an unbounded reader will exhaust all system memory. Add a method to our `Read` trait called `read_to_limit` that does the same as `std::io::Read::read_to_end` but with memory exhaustion protection. Add a `read_to_end` method on our `Take` trait and call through to it from the new method on our `Read` trait called `read_to_limit`.
This commit is contained in:
parent
2073a40c50
commit
f29da57ef6
|
@ -18,6 +18,8 @@ extern crate alloc;
|
|||
mod error;
|
||||
mod macros;
|
||||
|
||||
#[cfg(feature = "alloc")]
|
||||
use alloc::vec::Vec;
|
||||
use core::cmp;
|
||||
use core::convert::TryInto;
|
||||
|
||||
|
@ -45,6 +47,19 @@ pub trait Read {
|
|||
|
||||
#[inline]
|
||||
fn take(&mut self, limit: u64) -> Take<Self> { Take { reader: self, remaining: limit } }
|
||||
|
||||
/// Attempts to read up to limit bytes from the reader, allocating space in `buf` as needed.
|
||||
///
|
||||
/// `limit` is used to prevent a denial of service attack vector since an unbounded reader will
|
||||
/// exhaust all memory.
|
||||
///
|
||||
/// Similar to `std::io::Read::read_to_end` but with the DOS protection.
|
||||
#[doc(alias = "read_to_end")]
|
||||
#[cfg(any(feature = "alloc", feature = "std"))]
|
||||
#[inline]
|
||||
fn read_to_limit(&mut self, buf: &mut Vec<u8>, limit: u64) -> Result<usize> {
|
||||
self.take(limit).read_to_end(buf)
|
||||
}
|
||||
}
|
||||
|
||||
/// A trait describing an input stream that uses an internal buffer when reading.
|
||||
|
@ -65,6 +80,27 @@ pub struct Take<'a, R: Read + ?Sized> {
|
|||
remaining: u64,
|
||||
}
|
||||
|
||||
impl<'a, R: Read + ?Sized> Take<'a, R> {
|
||||
#[cfg(any(feature = "alloc", feature = "std"))]
|
||||
#[inline]
|
||||
fn read_to_end(&mut self, buf: &mut Vec<u8>) -> Result<usize> {
|
||||
let mut read: usize = 0;
|
||||
let mut chunk = [0u8; 64];
|
||||
loop {
|
||||
match self.read(&mut chunk) {
|
||||
Ok(0) => break,
|
||||
Ok(n) => {
|
||||
buf.extend_from_slice(&chunk[0..n]);
|
||||
read += n;
|
||||
}
|
||||
Err(ref e) if e.kind() == ErrorKind::Interrupted => {}
|
||||
Err(e) => return Err(e),
|
||||
};
|
||||
}
|
||||
Ok(read)
|
||||
}
|
||||
}
|
||||
|
||||
impl<'a, R: Read + ?Sized> Read for Take<'a, R> {
|
||||
#[inline]
|
||||
fn read(&mut self, buf: &mut [u8]) -> Result<usize> {
|
||||
|
@ -293,4 +329,29 @@ mod tests {
|
|||
assert_eq!(fill.len(), 0);
|
||||
assert_eq!(fill, &[]);
|
||||
}
|
||||
|
||||
#[test]
|
||||
#[cfg(any(feature = "alloc", feature = "std"))]
|
||||
fn read_to_limit_greater_than_total_length() {
|
||||
let s = "16-byte-string!!".to_string();
|
||||
let mut reader = Cursor::new(&s);
|
||||
let mut buf = vec![];
|
||||
|
||||
// 32 is greater than the reader length.
|
||||
let read = reader.read_to_limit(&mut buf, 32).expect("failed to read to limit");
|
||||
assert_eq!(read, s.len());
|
||||
assert_eq!(&buf, s.as_bytes())
|
||||
}
|
||||
|
||||
#[test]
|
||||
#[cfg(any(feature = "alloc", feature = "std"))]
|
||||
fn read_to_limit_less_than_total_length() {
|
||||
let s = "16-byte-string!!".to_string();
|
||||
let mut reader = Cursor::new(&s);
|
||||
let mut buf = vec![];
|
||||
|
||||
let read = reader.read_to_limit(&mut buf, 2).expect("failed to read to limit");
|
||||
assert_eq!(read, 2);
|
||||
assert_eq!(&buf, "16".as_bytes())
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue