From 717d4c79fa9ba6fc5bfd96928b9df51bfc01ea7d Mon Sep 17 00:00:00 2001
From: "data-plane-api(Azure Pipelines)"
Date: Tue, 26 Jul 2022 13:44:15 +0000
Subject: [PATCH] decompressor: more flexible way to limit output size of gzip decompressor (#21864)
Signed-off-by: giantcroc
Mirrored from https://github.com/envoyproxy/envoy @ 41da908b801f3662f85204da8a0645962ab61252
---
 .../extensions/compression/gzip/decompressor/v3/gzip.proto | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/envoy/extensions/compression/gzip/decompressor/v3/gzip.proto b/envoy/extensions/compression/gzip/decompressor/v3/gzip.proto
index 82e50c23..a338f6ee 100644
--- a/envoy/extensions/compression/gzip/decompressor/v3/gzip.proto
+++ b/envoy/extensions/compression/gzip/decompressor/v3/gzip.proto
@@ -27,4 +27,10 @@ message Gzip {
 // Value for zlib's decompressor output buffer. If not set, defaults to 4096.
 // See https://www.zlib.net/manual.html for more details.
 google.protobuf.UInt32Value chunk_size = 2 [(validate.rules).uint32 = {lte: 65536 gte: 4096}];
+
+ // An upper bound to the number of times the output buffer is allowed to be bigger than the size of
+ // the accumulated input. This value is used to prevent decompression bombs. If not set, defaults to 100.
+ // [#comment:TODO(rojkov): Re-design the Decompressor interface to handle compression bombs gracefully instead of this quick solution.
+ // See https://github.com/envoyproxy/envoy/commit/d4c39e635603e2f23e1e08ddecf5a5fb5a706338 for details.]
+ google.protobuf.UInt32Value max_inflate_ratio = 3 [(validate.rules).uint32 = {lte: 1032 gte: 1}];
 }
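Review bot: The `lte: 1032` bound on `max_inflate_ratio` is an unexplained magic number, and the field comment does not tell operators what they give up by raising the value. 1032:1 is roughly the maximum expansion zlib documents for deflate, so a setting at or near the ceiling presumably leaves the check with nothing to reject; I would add a line such as `// Values close to 1032 (about the maximum ratio deflate can reach) effectively disable this protection.` The limit is also relative to the accumulated input rather than an absolute cap, so the comment should say that a separate bound on body or buffer size is still needed for large compressed inputs. The `Gzip` message starts outside the hunk and the enforcement code is not part of this patch, so the default of 100 and the exact comparison cannot be confirmed from here.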