mirror of
https://codeberg.org/git-pages/git-pages.git
synced 2026-06-10 13:30:49 +00:00
Check git blob size against cumulative limit before reading it.
This avoids exhausting RAM when reading e.g. a repository with a single extremely large file. Note that there is still a risk of exhausting space in `/tmp`. V12-Ref: F-77211
This commit is contained in:
+8
-8
@@ -214,6 +214,14 @@ func readGitBlob(
|
||||
return fmt.Errorf("git blob %s: %w", hash, err)
|
||||
}
|
||||
|
||||
*bytesTransferred += blob.Size
|
||||
if uint64(*bytesTransferred) > config.Limits.MaxSiteSize.Bytes() {
|
||||
return fmt.Errorf("%w: fetch exceeds %s limit",
|
||||
ErrRepositoryTooLarge,
|
||||
config.Limits.MaxSiteSize.HR(),
|
||||
)
|
||||
}
|
||||
|
||||
reader, err := blob.Reader()
|
||||
if err != nil {
|
||||
return fmt.Errorf("git blob open: %w", err)
|
||||
@@ -238,14 +246,6 @@ func readGitBlob(
|
||||
entry.OriginalSize = proto.Int64(blob.Size)
|
||||
entry.CompressedSize = proto.Int64(blob.Size)
|
||||
|
||||
*bytesTransferred += blob.Size
|
||||
if uint64(*bytesTransferred) > config.Limits.MaxSiteSize.Bytes() {
|
||||
return fmt.Errorf("%w: fetch exceeds %s limit",
|
||||
ErrRepositoryTooLarge,
|
||||
config.Limits.MaxSiteSize.HR(),
|
||||
)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user