From: Eric S. Raymond <esr@thyrsus.com>
Date: Mon, 1 Oct 2012 22:51:10 +0000 (-0400)
Subject: Some anti-DOS protection.
X-Git-Tag: 1.4~8
X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=2f3d4c4897b909ccee7e478e5cbd21c4c19b3edd;p=irker.git

Some anti-DOS protection.
---

diff --git a/irkerd b/irkerd
index 1b85e00..9207ae1 100755
--- a/irkerd
+++ b/irkerd
@@ -363,6 +363,11 @@ class Irker:
     def handle(self, line):
         "Perform a JSON relay request."
         try:
+            # Without this guard, a line consisting of a thousand '[' chars
+            # can crash irker by inducing the JSON parser to blow Python's
+            # recursion stack. 
+            if line.count("[") > 256 or line.count("{") > 256:
+                raise ValueError
             request = json.loads(line.strip())
             if type(request) != type({}):
                 self.logerr("request in tot a JSON dictionary: %s" % repr(request))