* This is basically strbuf_read(), except that if we * hit max_request_buffer we die (we'd rather reject a * maliciously large request than chew up infinite memory). */
| 306 | * maliciously large request than chew up infinite memory). |
| 307 | */ |
| 308 | static ssize_t read_request_eof(int fd, unsigned char **out) |
| 309 | { |
| 310 | size_t len = 0, alloc = 8192; |
| 311 | unsigned char *buf = xmalloc(alloc); |
| 312 | |
| 313 | if (max_request_buffer < alloc) |
| 314 | max_request_buffer = alloc; |
| 315 | |
| 316 | while (1) { |
| 317 | ssize_t cnt; |
| 318 | |
| 319 | cnt = read_in_full(fd, buf + len, alloc - len); |
| 320 | if (cnt < 0) { |
| 321 | free(buf); |
| 322 | return -1; |
| 323 | } |
| 324 | |
| 325 | /* partial read from read_in_full means we hit EOF */ |
| 326 | len += cnt; |
| 327 | if (len < alloc) { |
| 328 | *out = buf; |
| 329 | return len; |
| 330 | } |
| 331 | |
| 332 | /* otherwise, grow and try again (if we can) */ |
| 333 | if (alloc == max_request_buffer) |
| 334 | die("request was larger than our maximum size (%lu);" |
| 335 | " try setting GIT_HTTP_MAX_REQUEST_BUFFER", |
| 336 | max_request_buffer); |
| 337 | |
| 338 | alloc = alloc_nr(alloc); |
| 339 | if (alloc > max_request_buffer) |
| 340 | alloc = max_request_buffer; |
| 341 | REALLOC_ARRAY(buf, alloc); |
| 342 | } |
| 343 | } |
| 344 | |
| 345 | static ssize_t read_request_fixed_len(int fd, ssize_t req_len, unsigned char **out) |
| 346 | { |
no test coverage detected