OpenSearch/mustache.patch at main · sam-herman/OpenSearch · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
diff --git a/modules/lang-mustache/src/main/java/org/opensearch/script/mustache/MustacheScriptEngine.java b/modules/lang-mustache/src/main/java/org/opensearch/script/mustache/MustacheScriptEngine.java
index 842353fdba3..3d6dca775b7 100644
--- a/modules/lang-mustache/src/main/java/org/opensearch/script/mustache/MustacheScriptEngine.java
+++ b/modules/lang-mustache/src/main/java/org/opensearch/script/mustache/MustacheScriptEngine.java
@@ -47,13 +47,16 @@ import org.opensearch.script.ScriptEngine;
 import org.opensearch.script.ScriptException;
 import org.opensearch.script.TemplateScript;

+import java.io.IOException;
 import java.io.Reader;
 import java.io.StringReader;
 import java.io.StringWriter;
+import java.io.Writer;
 import java.security.AccessController;
 import java.security.PrivilegedAction;
 import java.util.Collections;
 import java.util.Map;
+import java.util.Objects;
 import java.util.Set;

 /**
@@ -110,6 +113,37 @@ public final class MustacheScriptEngine implements ScriptEngine {
         return NAME;
     }

+    private final class BoundedWriter extends Writer {
+        private final Writer delegate;
+        private final long maxChars;
+        private long written;
+
+        public BoundedWriter(Writer delegate, long maxChars) {
+            this.delegate = Objects.requireNonNull(delegate);
+            this.maxChars = maxChars;
+        }
+
+        @Override
+        public void write(char[] cbuf, int off, int len) throws IOException {
+            if (written + len > maxChars) {
+                throw new IOException("Writer size limit " + maxChars + " chars exceeded");
+            }
+            delegate.write(cbuf, off, len);
+            written += len;
+        }
+
+        /* delegate flush()/close() as-is */
+        @Override
+        public void flush() throws IOException {
+            delegate.flush();
+        }
+
+        @Override
+        public void close() throws IOException {
+            delegate.close();
+        }
+    }
+
     /**
      * Used at query execution time by script service in order to execute a query template.
      * */
@@ -131,7 +165,7 @@ public final class MustacheScriptEngine implements ScriptEngine {
         @SuppressWarnings("removal")
         @Override
         public String execute() {
-            final StringWriter writer = new StringWriter();
+            final Writer writer = new BoundedWriter(new StringWriter(), 100_000); // 100 k chars max
             try {
                 // crazy reflection here
                 SpecialPermission.check();