如何安全地从std :: istream读取一行？ [英] How to safely read a line from an std::istream?

问题描述

我想安全 从 std :: istream 读取一行。流可以是任何东西，例如，Web服务器上的连接或处理由未知源提交的文件的东西。有许多答案开始做这个代码的道德等同：

I want to safely read a line from an std::istream. The stream could be anything, e.g., a connection on a Web server or something processing files submitted by unknown sources. There are many answers starting to do the moral equivalent of this code:

void read(std::istream& in) {
    std::string line;
    if (std::getline(in, line)) {
        // process the line
    }
}

考虑到在中的可能来源，使用上面的代码会导致一个漏洞：恶意代理可能使用巨大的线路对这个代码安装拒绝服务攻击。因此，我想将行长度限制为一些相当高的值，例如4百万 char 。虽然可能遇到一些大行，但是为每个文件分配一个缓冲区并使用 std :: istream :: getline（）是不可行的。

Given the possibly dubious source of in, using the above code would lead to a vulnerability: a malicious agent may mount a denial of service attack against this code using a huge line. Thus, I would like to limit the line length to some rather high value, say 4 millions chars. While a few large lines may be encountered, it isn't viable to allocate a buffer for each file and use std::istream::getline().

如何限制行的最大大小，理想情况下不会使代码变形太严重，并且前面没有分配大块内存？

How can the maximum size of the line be limited, ideally without distorting the code too badly and without allocating large chunks of memory up front?

推荐答案

您可以编写您自己的版本的 std :: getline code> getline_n 或某事。

You could write your own version of std::getline with a maximum number of characters read parameter, something called getline_n or something.

#include <string>
#include <iostream>

template<typename CharT, typename Traits, typename Alloc>
auto getline_n(std::basic_istream<CharT, Traits>& in, std::basic_string<CharT, Traits, Alloc>& str, std::streamsize n) -> decltype(in) {
    std::ios_base::iostate state = std::ios_base::goodbit;
    bool extracted = false;
    const typename std::basic_istream<CharT, Traits>::sentry s(in, true);
    if(s) {
        try {
            str.erase();
            typename Traits::int_type ch = in.rdbuf()->sgetc();
            for(; ; ch = in.rdbuf()->snextc()) {
                if(Traits::eq_int_type(ch, Traits::eof())) {
                    // eof spotted, quit
                    state |= std::ios_base::eofbit;
                    break;
                }
                else if(str.size() == n) {
                    // maximum number of characters met, quit
                    extracted = true;
                    in.rdbuf()->sbumpc();
                    break;
                }
                else if(str.max_size() <= str.size()) {
                    // string too big
                    state |= std::ios_base::failbit;
                    break;
                }
                else {
                    // character valid
                    str += Traits::to_char_type(ch);
                    extracted = true;
                }
            }
        }
        catch(...) {
            in.setstate(std::ios_base::badbit);
        }
    }

    if(!extracted) {
        state |= std::ios_base::failbit;
    }

    in.setstate(state);
    return in;
}

int main() {
    std::string s;
    getline_n(std::cin, s, 10); // maximum of 10 characters
    std::cout << s << '\n';
}

可能会被杀死。

这篇关于如何安全地从std :: istream读取一行？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！