From 6f199f2eec236211f2e9d1e320fd536f459f042a Mon Sep 17 00:00:00 2001
From: "google-labs-jules[bot]"
 <161369871+google-labs-jules[bot]@users.noreply.github.com>
Date: Wed, 18 Feb 2026 03:19:31 +0000
Subject: Fix unbounded memory usage in crawler (DoS)

Co-authored-by: adammathes <868470+adammathes@users.noreply.github.com>
---
 internal/crawler/crawler.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'internal/crawler/crawler.go')

diff --git a/internal/crawler/crawler.go b/internal/crawler/crawler.go
index 4f5de98..e664e06 100644
--- a/internal/crawler/crawler.go
+++ b/internal/crawler/crawler.go
@@ -15,6 +15,7 @@ import (
 )
 
 const MAX_CRAWLERS = 5
+const MAX_FEED_SIZE = 10 * 1024 * 1024 // 10MB
 
 func Crawl() {
 	crawlJobs := make(chan *feed.Feed, 100)
@@ -88,7 +89,7 @@ func GetFeedContent(feedURL string) string {
 		return ""
 	}
 
-	bodyBytes, err := io.ReadAll(resp.Body)
+	bodyBytes, err := io.ReadAll(io.LimitReader(resp.Body, MAX_FEED_SIZE))
 	if err != nil {
 		return ""
 	}
-- 
cgit v1.2.3