Limit stdin read in tp, bound protocol drain, document Arc leak

- tp: limit stdin to 64 KiB + 1 byte to reject oversized pastes early without unbounded memory allocation - daemon: bound the oversized-line drain to MAX_LINE_SIZE so a client without newlines cannot block beyond the read timeout - tpd: document intentional Arc::into_raw leak in signal handler
author: murilo ijanc 2026-03-25 15:41:40 -0300
committer: murilo ijanc 2026-03-25 15:49:08 -0300
commit: 290f53c38cdacd502eb6dda52f2ad207063e3973 (patch)
tree: c5cd20f1fdc56b1d2420f12c674700ca1db396c0 /src/daemon.rs
parent: 62b68cc461b5e298add3ab190fe9a38f3efefe7a (diff)
download: tesseras-paste-290f53c38cdacd502eb6dda52f2ad207063e3973.tar.gz
1 files changed, 7 insertions, 3 deletions
diff --git a/src/daemon.rs b/src/daemon.rs
index f12efd9..12757a3 100644
--- a/src/daemon.rs
+++ b/src/daemon.rs
@@ -298,9 +298,13 @@ fn handle_client(
                 "request too large".into(),
             ));
             writer.write_all(resp.as_bytes())?;
-            // Drain remaining bytes until newline
-            let mut discard = String::new();
-            let _ = reader.read_line(&mut discard);
+            // Drain remaining bytes until newline (bounded to
+            // prevent a client without newlines from blocking
+            // indefinitely beyond the read timeout).
+            let mut discard = Vec::new();
+            let _ = (&mut reader)
+                .take(MAX_LINE_SIZE as u64)
+                .read_until(b'\n', &mut discard);
             continue;
         }
         let line = line.trim();
author	murilo ijanc	2026-03-25 15:41:40 -0300
committer	murilo ijanc	2026-03-25 15:49:08 -0300
commit	290f53c38cdacd502eb6dda52f2ad207063e3973 (patch)
tree	c5cd20f1fdc56b1d2420f12c674700ca1db396c0 /src/daemon.rs
parent	62b68cc461b5e298add3ab190fe9a38f3efefe7a (diff)
download	tesseras-paste-290f53c38cdacd502eb6dda52f2ad207063e3973.tar.gz