From 15d955c478bf394cab21d2a7ed6e7715d261168e Mon Sep 17 00:00:00 2001
From: Laura Hausmann <laura@hausmann.dev>
Date: Sun, 28 Jul 2024 22:06:33 +0200
Subject: [PATCH] [backend/core] Limit HttpClient buffer size to 1MiB, except
 DriveService from this policy (until proper limits are in place there)

---
 .../Core/Extensions/ServiceExtensions.cs          |  1 +
 .../Core/Services/CustomHttpClient.cs             | 15 +++++++++++++++
 Iceshrimp.Backend/Core/Services/DriveService.cs   |  2 +-
 3 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/Iceshrimp.Backend/Core/Extensions/ServiceExtensions.cs b/Iceshrimp.Backend/Core/Extensions/ServiceExtensions.cs
index 5d3cbfcb..7e18a8be 100644
--- a/Iceshrimp.Backend/Core/Extensions/ServiceExtensions.cs
+++ b/Iceshrimp.Backend/Core/Extensions/ServiceExtensions.cs
@@ -86,6 +86,7 @@ public static class ServiceExtensions
 		// Singleton = instantiated once across application lifetime
 		services
 			.AddSingleton<HttpClient, CustomHttpClient>()
+			.AddSingleton<UnrestrictedHttpClient>()
 			.AddSingleton<HttpRequestService>()
 			.AddSingleton<CronService>()
 			.AddSingleton<QueueService>()
diff --git a/Iceshrimp.Backend/Core/Services/CustomHttpClient.cs b/Iceshrimp.Backend/Core/Services/CustomHttpClient.cs
index d2d0a5ac..12cb31bd 100644
--- a/Iceshrimp.Backend/Core/Services/CustomHttpClient.cs
+++ b/Iceshrimp.Backend/Core/Services/CustomHttpClient.cs
@@ -31,6 +31,9 @@ public class CustomHttpClient : HttpClient
 		DefaultRequestHeaders.TryAddWithoutValidation("User-Agent", options.Value.UserAgent);
 		Timeout = TimeSpan.FromSeconds(30);
 
+		// Protect against DoS attacks
+		MaxResponseContentBufferSize = 1024 * 1024; // 1MiB
+
 		// Configure FastFallback
 		FastFallbackHandler.Logger   = loggerFactory.CreateLogger<FastFallback>();
 		FastFallbackHandler.Security = security;
@@ -362,4 +365,16 @@ public class CustomHttpClient : HttpClient
 			}
 		}
 	}
+}
+
+public class UnrestrictedHttpClient : CustomHttpClient
+{
+	public UnrestrictedHttpClient(
+		IOptions<Config.InstanceSection> options,
+		IOptionsMonitor<Config.SecuritySection> security,
+		ILoggerFactory loggerFactory
+	) : base(options, security, loggerFactory)
+	{
+		MaxResponseContentBufferSize = int.MaxValue;
+	}
 }
\ No newline at end of file
diff --git a/Iceshrimp.Backend/Core/Services/DriveService.cs b/Iceshrimp.Backend/Core/Services/DriveService.cs
index ea79bdac..119f71b8 100644
--- a/Iceshrimp.Backend/Core/Services/DriveService.cs
+++ b/Iceshrimp.Backend/Core/Services/DriveService.cs
@@ -17,7 +17,7 @@ public class DriveService(
 	[SuppressMessage("ReSharper", "SuggestBaseTypeForParameterInConstructor")]
 	IOptionsSnapshot<Config.StorageSection> storageConfig,
 	IOptions<Config.InstanceSection> instanceConfig,
-	HttpClient httpClient,
+	UnrestrictedHttpClient httpClient,
 	QueueService queueSvc,
 	ILogger<DriveService> logger,
 	ImageProcessor imageProcessor