Add limit to ioutil.ReadAll for request body (#5224)

This PR adds limit to ioutil.ReadAll for DoH request body so that it will not be subject to large requests. Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
author: Yong Tang <yong.tang.github@outlook.com> 2022-03-04 12:18:05 -0800
committer: GitHub <noreply@github.com> 2022-03-04 12:18:05 -0800
commit: ad41112a9291b91a1d56e69e749ac032c2de1c26 (patch)
tree: 7e8a44f67f8327e3de65de8ecc4fb5d67b132a6e /plugin
parent: 967814161aafca87434d61bac02d95794d2549af (diff)
download: coredns-ad41112a9291b91a1d56e69e749ac032c2de1c26.tar.gz
coredns-ad41112a9291b91a1d56e69e749ac032c2de1c26.tar.zst
coredns-ad41112a9291b91a1d56e69e749ac032c2de1c26.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/plugin/pkg/doh/doh.go b/plugin/pkg/doh/doh.go
index 1a3385376..575ae5369 100644
--- a/plugin/pkg/doh/doh.go
+++ b/plugin/pkg/doh/doh.go
@@ -92,7 +92,7 @@ func requestToMsgGet(req *http.Request) (*dns.Msg, error) {
 }
 
 func toMsg(r io.ReadCloser) (*dns.Msg, error) {
-	buf, err := io.ReadAll(r)
+	buf, err := io.ReadAll(io.LimitReader(r, 65536))
 	if err != nil {
 		return nil, err
 	}
author	Yong Tang <yong.tang.github@outlook.com>	2022-03-04 12:18:05 -0800
committer	GitHub <noreply@github.com>	2022-03-04 12:18:05 -0800
commit	ad41112a9291b91a1d56e69e749ac032c2de1c26 (patch)
tree	7e8a44f67f8327e3de65de8ecc4fb5d67b132a6e /plugin
parent	967814161aafca87434d61bac02d95794d2549af (diff)
download	coredns-ad41112a9291b91a1d56e69e749ac032c2de1c26.tar.gz coredns-ad41112a9291b91a1d56e69e749ac032c2de1c26.tar.zst coredns-ad41112a9291b91a1d56e69e749ac032c2de1c26.zip