The `hex' perlop will return an NV (typically 64-bit double) on
UV (unsigned int) overflow and warns on larger values. While
64-bit integer builds of 32-bit perl (e.g. Debian i386) can
handle 64-bit numbers, there are builds of perl which still use
32-bit integers nowadays (e.g. OpenBSD 7.x i386).

It's unlikely we'll ever see chunks even close to 4GB, so just
cap it at 8 hex characters and drop clients which send larger
amounts.
}
if ($len == CHUNK_START) {
if ($$rbuf =~ s/\A([a-f0-9]+).*?\r\n//i) {
+ return quit($self, 400) if length($1) > 8;
$len = hex $1;
if (($len + -s $input) > $MAX_REQUEST_BUFFER) {
return quit($self, 413);
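Review bot: the added length($1) > 8 test counts leading zeros, because the capture [a-f0-9]+ keeps them, so a chunk size written as "000000010" is dropped with a 400 even though its value is tiny. If that strictness is intended, a one-line comment saying so (and that 8 hex digits is the most that fits a 32-bit UV) would save the next reader from guessing; otherwise strip leading zeros from $1 before measuring it. The over-long case also answers 400 while the size check just below answers 413 for what is effectively the same condition (request too large), so either align the two or note why a too-long hex field is treated as malformed rather than oversized.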