Read limited input for yes answer

f1ee9c79 · Igor Drozdov · Nick Thomas · 3f9890ef · f1ee9c79 · f1ee9c79
Commit f1ee9c79 authored 4 years ago by Igor Drozdov Committed by Nick Thomas 4 years ago
--- a/CHANGELOG
+++ b/CHANGELOG
+v13.13.1
+
+- Read limited input when asking to generate new two-factor recovery codes
+
 v13.13.0

 - GitLab API Client support for client certificates !432

--- a/VERSION
+++ b/VERSION
-13.13.0
+13.13.1
--- a/internal/command/twofactorrecover/twofactorrecover.go
+++ b/internal/command/twofactorrecover/twofactorrecover.go
@@ -3,6 +3,7 @@ package twofactorrecover
 import (
 	"context"
 	"fmt"
+	"io"
 	"strings"

 	"gitlab.com/gitlab-org/gitlab-shell/internal/command/commandargs"
@@ -11,6 +12,8 @@ import (
 	"gitlab.com/gitlab-org/gitlab-shell/internal/gitlabnet/twofactorrecover"
 )

+const readerLimit = 1024
+
 type Command struct {
 	Config     *config.Config
 	Args       *commandargs.Shell
@@ -34,7 +37,7 @@ func (c *Command) canContinue() bool {
 	fmt.Fprintln(c.ReadWriter.Out, question)

 	var answer string
-	fmt.Fscanln(c.ReadWriter.In, &answer)
+	fmt.Fscanln(io.LimitReader(c.ReadWriter.In, readerLimit), &answer)

 	return answer == "yes"
 }

--- a/internal/command/twofactorrecover/twofactorrecover_test.go
+++ b/internal/command/twofactorrecover/twofactorrecover_test.go
@@ -6,6 +6,7 @@ import (
 	"encoding/json"
 	"io/ioutil"
 	"net/http"
+	"strings"
 	"testing"

 	"github.com/stretchr/testify/require"
@@ -114,6 +115,13 @@ func TestExecute(t *testing.T) {
 			expectedOutput: question +
 				"New recovery codes have *not* been generated. Existing codes will remain valid.\n",
 		},
+		{
+			desc:      "With some other answer",
+			arguments: &commandargs.Shell{},
+			answer:    strings.Repeat("yes, but not really\n", 2048),
+			expectedOutput: question +
+				"New recovery codes have *not* been generated. Existing codes will remain valid.\n",
+		},
 	}

 	for _, tc := range testCases {