DGNum/Stirling-PDF
14
0
Fork 0
Code Issues 4 Pull requests 1 Projects Releases Packages Wiki Activity

Protect readLine() against DoS

Browse source
This commit is contained in:
pixeebot[bot] 2024-02-01 23:01:04 +00:00
parent 61cd473e6c
commit 450e090252
1 changed files with 3 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
src/main/java/stirling/software/SPDF/utils/ProcessExecutor.java
View file

@ -1,5 +1,6 @@
package stirling.software.SPDF.utils; package stirling.software.SPDF.utils;
import io.github.pixee.security.BoundedLineReader;
import java.io.BufferedReader; import java.io.BufferedReader;
import java.io.File; import java.io.File;
import java.io.IOException; import java.io.IOException;
@ -109,7 +110,7 @@ public class ProcessExecutor {
process.getErrorStream(), process.getErrorStream(),
StandardCharsets.UTF_8))) { StandardCharsets.UTF_8))) {
String line; String line;
while ((line = errorReader.readLine()) != null) { while ((line = BoundedLineReader.readLine(errorReader, 5_000_000)) != null) {
errorLines.add(line); errorLines.add(line);
if (liveUpdates) logger.info(line); if (liveUpdates) logger.info(line);
} }
@ -130,7 +131,7 @@ public class ProcessExecutor {
process.getInputStream(), process.getInputStream(),
StandardCharsets.UTF_8))) { StandardCharsets.UTF_8))) {
String line; String line;
while ((line = outputReader.readLine()) != null) { while ((line = BoundedLineReader.readLine(outputReader, 5_000_000)) != null) {
outputLines.add(line); outputLines.add(line);
if (liveUpdates) logger.info(line); if (liveUpdates) logger.info(line);
} }