From ad41112a9291b91a1d56e69e749ac032c2de1c26 Mon Sep 17 00:00:00 2001
From: Yong Tang <yong.tang.github@outlook.com>
Date: Fri, 4 Mar 2022 12:18:05 -0800
Subject: [PATCH] Add limit to ioutil.ReadAll for request body (#5224)

This PR adds limit to ioutil.ReadAll for DoH request body
so that it will not be subject to large requests.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
---
 plugin/pkg/doh/doh.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/plugin/pkg/doh/doh.go b/plugin/pkg/doh/doh.go
index 1a3385376..575ae5369 100644
--- a/plugin/pkg/doh/doh.go
+++ b/plugin/pkg/doh/doh.go
@@ -92,7 +92,7 @@ func requestToMsgGet(req *http.Request) (*dns.Msg, error) {
 }
 
 func toMsg(r io.ReadCloser) (*dns.Msg, error) {
-	buf, err := io.ReadAll(r)
+	buf, err := io.ReadAll(io.LimitReader(r, 65536))
 	if err != nil {
 		return nil, err
 	}