beenull/moby
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #19312 from cpuguy83/19177_fix_debug_req_dump_size

Browse source 
Don't dump request body when too large
This commit is contained in:
Tibor Vass 2016-01-14 09:06:02 -05:00
commit 59231ea6d8
2 changed files with 57 additions and 41 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

55
api/server/middleware.go
View file

@ -1,9 +1,9 @@
package server package server
import ( import (
"bytes" "bufio"
"encoding/json" "encoding/json"
"io/ioutil" "io"
"net/http" "net/http"
"runtime" "runtime"
"strings" "strings"
@ -14,6 +14,7 @@ import (
"github.com/docker/docker/dockerversion" "github.com/docker/docker/dockerversion"
"github.com/docker/docker/errors" "github.com/docker/docker/errors"
"github.com/docker/docker/pkg/authorization" "github.com/docker/docker/pkg/authorization"
"github.com/docker/docker/pkg/ioutils"
"github.com/docker/docker/pkg/version" "github.com/docker/docker/pkg/version"
"golang.org/x/net/context" "golang.org/x/net/context"
) )
@ -27,25 +28,37 @@ func debugRequestMiddleware(handler httputils.APIFunc) httputils.APIFunc {
return func(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error { return func(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
logrus.Debugf("%s %s", r.Method, r.RequestURI) logrus.Debugf("%s %s", r.Method, r.RequestURI)
if r.Method == "POST" { if r.Method != "POST" {
if err := httputils.CheckForJSON(r); err == nil { return handler(ctx, w, r, vars)
var buf bytes.Buffer }
if _, err := buf.ReadFrom(r.Body); err == nil { if err := httputils.CheckForJSON(r); err != nil {
r.Body.Close() return handler(ctx, w, r, vars)
r.Body = ioutil.NopCloser(&buf) }
var postForm map[string]interface{} maxBodySize := 4096 // 4KB
if err := json.Unmarshal(buf.Bytes(), &postForm); err == nil { if r.ContentLength > int64(maxBodySize) {
if _, exists := postForm["password"]; exists { return handler(ctx, w, r, vars)
postForm["password"] = "*****" }
}
formStr, errMarshal := json.Marshal(postForm) body := r.Body
if errMarshal == nil { bufReader := bufio.NewReaderSize(body, maxBodySize)
logrus.Debugf("form data: %s", string(formStr)) r.Body = ioutils.NewReadCloserWrapper(bufReader, func() error { return body.Close() })
} else {
logrus.Debugf("form data: %q", postForm) b, err := bufReader.Peek(maxBodySize)
} if err != io.EOF {
} // either there was an error reading, or the buffer is full (in which case the request is too large)
} return handler(ctx, w, r, vars)
}
var postForm map[string]interface{}
if err := json.Unmarshal(b, &postForm); err == nil {
if _, exists := postForm["password"]; exists {
postForm["password"] = "*****"
}
formStr, errMarshal := json.Marshal(postForm)
if errMarshal == nil {
logrus.Debugf("form data: %s", string(formStr))
} else {
logrus.Debugf("form data: %q", postForm)
} }
} }

43
pkg/authorization/authz.go
View file

@ -1,16 +1,19 @@
package authorization package authorization
import ( import (
"bufio"
"bytes" "bytes"
"fmt" "fmt"
"io" "io"
"io/ioutil"
"net/http" "net/http"
"strings" "strings"
"github.com/Sirupsen/logrus" "github.com/Sirupsen/logrus"
"github.com/docker/docker/pkg/ioutils"
) )
const maxBodySize = 1048576 // 1MB
// NewCtx creates new authZ context, it is used to store authorization information related to a specific docker // NewCtx creates new authZ context, it is used to store authorization information related to a specific docker
// REST http session // REST http session
// A context provides two method: // A context provides two method:
@ -52,18 +55,12 @@ type Ctx struct {
func (ctx *Ctx) AuthZRequest(w http.ResponseWriter, r *http.Request) error { func (ctx *Ctx) AuthZRequest(w http.ResponseWriter, r *http.Request) error {
var body []byte var body []byte
if sendBody(ctx.requestURI, r.Header) { if sendBody(ctx.requestURI, r.Header) {
var ( if r.ContentLength < maxBodySize {
err error var err error
drainedBody io.ReadCloser body, r.Body, err = drainBody(r.Body)
) if err != nil {
drainedBody, r.Body, err = drainBody(r.Body) return err
if err != nil { }
return err
}
defer drainedBody.Close()
body, err = ioutil.ReadAll(drainedBody)
if err != nil {
return err
} }
} }
@ -126,15 +123,21 @@ func (ctx *Ctx) AuthZResponse(rm ResponseModifier, r *http.Request) error {
// drainBody dump the body, it reads the body data into memory and // drainBody dump the body, it reads the body data into memory and
// see go sources /go/src/net/http/httputil/dump.go // see go sources /go/src/net/http/httputil/dump.go
func drainBody(b io.ReadCloser) (io.ReadCloser, io.ReadCloser, error) { func drainBody(body io.ReadCloser) ([]byte, io.ReadCloser, error) {
var buf bytes.Buffer bufReader := bufio.NewReaderSize(body, maxBodySize)
if _, err := buf.ReadFrom(b); err != nil { newBody := ioutils.NewReadCloserWrapper(bufReader, func() error { return body.Close() })
data, err := bufReader.Peek(maxBodySize)
if err != io.EOF {
// This means the request is larger than our max
if err == bufio.ErrBufferFull {
return nil, newBody, nil
}
// This means we had an error reading
return nil, nil, err return nil, nil, err
} }
if err := b.Close(); err != nil {
return nil, nil, err return data, newBody, nil
}
return ioutil.NopCloser(&buf), ioutil.NopCloser(bytes.NewReader(buf.Bytes())), nil
} }
// sendBody returns true when request/response body should be sent to AuthZPlugin // sendBody returns true when request/response body should be sent to AuthZPlugin