Skip to content

Unbounded io.ReadAll on GitHub error response bodies in nightly E2E handler #7055

Closed
#7069
Closed
Unbounded io.ReadAll on GitHub error response bodies in nightly E2E handler#7055
#7069
Labels
ai-fix-requestedai-processingAI is currently processing this issuekind/bugCategorizes issue or PR as related to a bug.triage/acceptedIndicates an issue or PR is ready to be actively worked on.triage/neededNeeds triage
@aashu2006

Description

@aashu2006
aashu2006
opened on Apr 12, 2026

User Request

Type: bug
Target: Console Application
Submitted by: @aashu2006
Console Request ID: 40401ff1-e896-40ad-a86a-6a096403cf0e

Description

What happened:
In pkg/api/handlers/nightly_e2e.go:358-362 and 775, GitHub error response bodies are read with io.ReadAll and no LimitReader. A GitHub outage returning a large HTML error page or any upstream response manipulation can consume unbounded memory.

What I expected:
All io.ReadAll calls on external response bodies should use io.LimitReader with a defined maximum size constant.

Steps to reproduce:

  1. Simulate a GitHub outage returning a large HTML error page
  2. Trigger a nightly E2E endpoint
  3. Observe the full error page is buffered in memory with no size limit

This issue was automatically created from the KubeStellar Console.

Metadata

Metadata

Assignees

No one assigned

    Labels

    ai-fix-requestedai-processingAI is currently processing this issuekind/bugCategorizes issue or PR as related to a bug.triage/acceptedIndicates an issue or PR is ready to be actively worked on.triage/neededNeeds triage

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions