gopkg/logrus
2
0
Fork 0
Code Pull Requests Activity

Scan text in 64KB chunks

Browse Source 
This commit fixes a potential denial of service
vulnerability in logrus.Writer() that could be
triggered by logging text longer than 64KB
without newlines. Previously, the bufio.Scanner
used by Writer() would hang indefinitely when
reading such text without newlines, causing the
application to become unresponsive.
This commit is contained in:
Chris
2023-03-10 13:45:41 -08:00
committed by Ash McKenzie
parent 766cfece37
commit c052ba6a07
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
writer.go
+2 -1
View File
@@ -75,7 +75,8 @@ func (entry *Entry) writerScanner(reader *io.PipeReader, printFunc func(args ...
if len(data) > chunkSize { if len(data) > chunkSize {
return chunkSize, data[:chunkSize], nil return chunkSize, data[:chunkSize], nil
} }
return 0, nil, nil
return len(data), data, nil
} }
//Use the custom split function to split the input //Use the custom split function to split the input