Limit binary data to 21MB

binary/binary.go

@@ -2,10 +2,16 @@ package binary
 
 import (
 	"encoding/json"
+	"errors"
 	"io"
 	"reflect"
 )
 
+// TODO document and maybe make it configurable.
+const MaxBinaryReadSize = 21 * 1024 * 1024
+
+var ErrMaxBinaryReadSizeReached = errors.New("Error: max binary read size reached")
+
 func ReadBinary(o interface{}, r io.Reader, n *int64, err *error) interface{} {
 	rv, rt := reflect.ValueOf(o), reflect.TypeOf(o)
 	if rv.Kind() == reflect.Ptr {

binary/byteslice.go

@@ -19,6 +19,10 @@ func ReadByteSlice(r io.Reader, n *int64, err *error) []byte {
 	if *err != nil {
 		return nil
 	}
+	if MaxBinaryReadSize < *n+int64(length) {
+		*err = ErrMaxBinaryReadSizeReached
+		return nil
+	}
 
 	var buf, tmpBuf []byte
 	// read one ByteSliceChunk at a time and append
@@ -50,6 +54,11 @@ func ReadByteSlices(r io.Reader, n *int64, err *error) [][]byte {
 	if *err != nil {
 		return nil
 	}
+	if MaxBinaryReadSize < *n+int64(length) {
+		*err = ErrMaxBinaryReadSizeReached
+		return nil
+	}
+
 	bzz := make([][]byte, length)
 	for i := 0; i < length; i++ {
 		bz := ReadByteSlice(r, n, err)

binary/reflect.go

@@ -273,6 +273,10 @@ func readReflectBinary(rv reflect.Value, rt reflect.Type, opts Options, r io.Rea
 					if *err != nil {
 						return
 					}
+					if MaxBinaryReadSize < *n {
+						*err = ErrMaxBinaryReadSizeReached
+						return
+					}
 				}
 				sliceRv = reflect.AppendSlice(sliceRv, tmpSliceRv)
 			}

binary/string.go

@@ -14,6 +14,11 @@ func ReadString(r io.Reader, n *int64, err *error) string {
 	if *err != nil {
 		return ""
 	}
+	if MaxBinaryReadSize < *n+int64(length) {
+		*err = ErrMaxBinaryReadSizeReached
+		return ""
+	}
+
 	buf := make([]byte, length)
 	ReadFull(buf, r, n, err)
 	return string(buf)