Compare and limit against body bytesize when no content-length

http header is present.
puma · Dec 20, 2022 · 42059f8 · 42059f8
1 parent 552b161
commit 42059f8
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 2 deletions.
diff --git a/lib/puma/client.rb b/lib/puma/client.rb
@@ -88,6 +88,7 @@ def initialize(io, env=nil)
 
       @http_content_length_limit = nil
       @http_content_length_limit_exceeded = false
+      @http_content_length_size = 0
 
       @peerip = nil
       @peer_family = nil
@@ -154,6 +155,7 @@ def reset(fast_check=true)
       @body_remain = 0
       @peerip = nil if @remote_addr_header
       @in_last_chunk = false
+      @http_content_length_size = 0
 
       if @buffer
         return false unless try_to_parse_proxy_protocol
@@ -213,7 +215,9 @@ def try_to_parse_proxy_protocol
     end
 
     def try_to_finish
-      @http_content_length_limit_exceeded = env[CONTENT_LENGTH].to_i > @http_content_length_limit if env[CONTENT_LENGTH] && @http_content_length_limit
+      if env[CONTENT_LENGTH] && @http_content_length_limit
+        @http_content_length_limit_exceeded = env[CONTENT_LENGTH].to_i > @http_content_length_limit
+      end
 
       if @http_content_length_limit_exceeded
         @buffer = nil
@@ -251,6 +255,10 @@ def try_to_finish
 
       @parsed_bytes = @parser.execute(@env, @buffer, @parsed_bytes)
 
+      if @parser.finished? && @http_content_length_limit && (@parser.body.bytesize > @http_content_length_limit)
+        @http_content_length_limit_exceeded = true
+      end
+
       if @parser.finished?
         return setup_body
       elsif @parsed_bytes >= MAX_HEADER

diff --git a/lib/puma/dsl.rb b/lib/puma/dsl.rb
@@ -1023,10 +1023,13 @@ def mutate_stdout_and_stderr_to_sync_on_write(enabled=true)
     end
 
     # Specify how big the request payload should be.
-    # This limit is compared against CONTENT_LENGTH HTTP header.
+    # This limit is compared against Content-Length HTTP header.
     # If the payload size (CONTENT_LENGTH) is larger than http_content_length_limit,
     # HTTP 413 status code is returned.
     #
+    # When no Content-Length http header is present, it is compared against the
+    # size of the body of the request.
+     #
     # The default value for http_content_length_limit is nil.
     def http_content_length_limit(limit)
       @options[:http_content_length_limit] = limit