Add limit to ioutil.ReadAll for request body (#5224)

This PR adds limit to ioutil.ReadAll for DoH request body so that it will not be subject to large requests. Signed-off-by: Yong Tang <yong.tang.github@outlook.com>

Add limit to ioutil.ReadAll for request body (#5224)
This PR adds limit to ioutil.ReadAll for DoH request body so that it will not be subject to large requests. Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
ad41112a · Yong Tang · GitHub · 96781416 · ad41112a
Commit ad41112a authored Mar 04, 2022 by Yong Tang Committed by GitHub Mar 04, 2022
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

plugin/pkg/doh/doh.go plugin/pkg/doh/doh.go +1 -1

No files found.
--- a/plugin/pkg/doh/doh.go
+++ b/plugin/pkg/doh/doh.go
@@ -92,7 +92,7 @@ func requestToMsgGet(req *http.Request) (*dns.Msg, error) {
 }
 func toMsg(r io.ReadCloser) (*dns.Msg, error) {
-	buf, err := io.ReadAll(r)
+	buf, err := io.ReadAll(io.LimitReader(r, 65536))
 	if err != nil {
 		return nil, err
 	}