From df06219fd70592e049d392a03662ace9d40c2988 Mon Sep 17 00:00:00 2001
From: jake <jikai11@huawei.com>
Date: Thu, 24 Aug 2023 02:20:23 +0000
Subject: [PATCH 10/10] !2129 Limit the response size of ExecSync * Limit the
 response size of ExecSync

---
 src/daemon/entry/cri/cri_container_manager_service_impl.cc | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/daemon/entry/cri/cri_container_manager_service_impl.cc b/src/daemon/entry/cri/cri_container_manager_service_impl.cc
index 101824ae..ed9e8e72 100644
--- a/src/daemon/entry/cri/cri_container_manager_service_impl.cc
+++ b/src/daemon/entry/cri/cri_container_manager_service_impl.cc
@@ -1316,7 +1316,13 @@ static auto WriteToString(void *context, const void *data, size_t len) -> ssize_
         return 0;
     }
 
+    // Limit the response size of ExecSync, outside of the response limit will never be seen
+    // Allow last write to exceed the limited size since every single write has a limit len
+    const size_t max_stream_size = 1024 * 1024 * 16;
     std::string *str = reinterpret_cast<std::string *>(context);
+    if (str->length() >= max_stream_size) {
+        return (ssize_t)len;
+    }
 
     str->append(reinterpret_cast<const char *>(data), len);
     return (ssize_t)len;
-- 
2.25.1