diff options
| author | Patrick Cloke <clokep@users.noreply.github.com> | 2022-01-24 09:38:37 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-01-24 14:38:37 +0000 |
| commit | 02d99f044efbed3c347c19a430d56cfbb41c87a7 (patch) | |
| tree | 4c089dab1b658194956f7008257f2427678402b9 /synapse | |
| parent | Merge branch 'master' into develop (diff) | |
| download | synapse-02d99f044efbed3c347c19a430d56cfbb41c87a7.tar.xz | |
Apply a timeout to reading the body when fetching a file. (#11784)
This prevents the URL preview code from reading a stream forever.
Diffstat (limited to 'synapse')
| -rw-r--r-- | synapse/http/client.py | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/synapse/http/client.py b/synapse/http/client.py index ca33b45cb2..743a7ffcb1 100644 --- a/synapse/http/client.py +++ b/synapse/http/client.py @@ -731,15 +731,24 @@ class SimpleHttpClient: # straight back in again try: - length = await make_deferred_yieldable( - read_body_with_max_size(response, output_stream, max_size) - ) + d = read_body_with_max_size(response, output_stream, max_size) + + # Ensure that the body is not read forever. + d = timeout_deferred(d, 30, self.hs.get_reactor()) + + length = await make_deferred_yieldable(d) except BodyExceededMaxSize: raise SynapseError( HTTPStatus.BAD_GATEWAY, "Requested file is too large > %r bytes" % (max_size,), Codes.TOO_LARGE, ) + except defer.TimeoutError: + raise SynapseError( + HTTPStatus.BAD_GATEWAY, + "Requested file took too long to download", + Codes.TOO_LARGE, + ) except Exception as e: raise SynapseError( HTTPStatus.BAD_GATEWAY, ("Failed to download remote body: %s" % e) |