mirror
/
logrus
mirror of https://github.com/sirupsen/logrus.git
1
0
Fork 1
Code Issues Packages Projects Releases Wiki Activity

Scan text in 64KB chunks 

This commit fixes a potential denial of service
vulnerability in logrus.Writer() that could be
triggered by logging text longer than 64KB
without newlines. Previously, the bufio.Scanner
used by Writer() would hang indefinitely when
reading such text without newlines, causing the
application to become unresponsive.
This commit is contained in:
Chris 2023-03-10 13:45:41 -08:00 committed by Ash McKenzie
parent 766cfece37
commit c052ba6a07
No known key found for this signature in database
GPG Key ID: A1253B4953E8D3E6
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
writer.go
View File

@ -75,7 +75,8 @@ func (entry *Entry) writerScanner(reader *io.PipeReader, printFunc func(args ...
if len(data) > chunkSize {
return chunkSize, data[:chunkSize], nil
}
return 0, nil, nil
return len(data), data, nil
}
//Use the custom split function to split the input