Merge commit from fork

Watson1978 · web-flow · commit ce6c1f2a7741 · 2026-06-25T15:33:43.000+09:00
diff --git a/README.md b/README.md
@@ -65,10 +65,12 @@ Example:
 
 This requires to receive data via HTTP/HTTPS.
 
-| parameter | type    | description            | default   |
-|-----------|---------|------------------------|-----------|
-| bind      | string  | The address to bind to | `0.0.0.0` |
-| port      | integer | The port to listen to  | `4318`    |
+| parameter                | type    | description                                                                                                               | default   |
+|--------------------------|---------|---------------------------------------------------------------------------------------------------------------------------|-----------|
+| bind                     | string  | The address to bind to                                                                                                    | `0.0.0.0` |
+| port                     | integer | The port to listen to                                                                                                     | `4318`    |
+| body_size_limit          | size    | The size limit of the POSTed element. This value should be larger than the 'chunk_limit_size' in out_opentelemetry plugin | `32M` (32MiB)     |
+| decompression_size_limit | size    | The size limit of the decompressed element                                                                                | `256M`  (256MiB)   |
 
 #### `<grpc>` section
 
diff --git a/lib/fluent/plugin/in_opentelemetry.rb b/lib/fluent/plugin/in_opentelemetry.rb
@@ -27,6 +27,11 @@ class OpentelemetryInput < Input
       config_param :bind, :string, default: "0.0.0.0"
       desc "The port to listen to."
       config_param :port, :integer, default: 4318
+
+      desc "The size limit of the POSTed element. This value should be larger than the 'chunk_limit_size' in out_opentelemetry plugin."
+      config_param :body_size_limit, :size, default: 32 * 1024 * 1024
+      desc "The size limit of the decompressed element."
+      config_param :decompression_size_limit, :size, default: 256 * 1024 * 1024
     end
 
     config_section :grpc, required: false, multi: false, init: false, param_name: :grpc_config do
diff --git a/lib/fluent/plugin/opentelemetry/http_input_handler.rb b/lib/fluent/plugin/opentelemetry/http_input_handler.rb
@@ -25,11 +25,19 @@ def close
           @request.body&.close
         end
       end
+
+      unless method_defined?(:body_stream)
+        def body_stream
+          @request.body
+        end
+      end
     end
   end
 end
 
 class Fluent::Plugin::Opentelemetry::HttpInputHandler
+  class SizeLimitError < StandardError; end
+
   using Fluent::PluginHelper::HttpServer::Extension
 
   def initialize(http_config, logger)
@@ -54,13 +62,29 @@ def traces(req, &block)
   def common(req, request_class, response_class)
     content_type = req.headers["content-type"]
     content_encoding = req.headers["content-encoding"]&.first
-    body = req.body
+
+    content_length = req.headers["content-length"]&.first&.to_i
+    if content_length && content_length >= @http_config.body_size_limit
+      @logger.warn { "Received too big content length: #{content_length}" }
+      return response_payload_too_large
+    end
+
+    begin
+      body = read_body(req, limit: @http_config.body_size_limit)
+    rescue SizeLimitError
+      @logger.warn { "Received payload exceeding body_size_limit" }
+      return response_payload_too_large
+    end
+
     return response_unsupported_media_type unless valid_content_type?(content_type)
     return response_bad_request(content_type) unless valid_content_encoding?(content_encoding)
 
     if content_encoding == Fluent::Plugin::Opentelemetry::CONTENT_ENCODING_GZIP
       begin
-        body = Zlib::GzipReader.new(StringIO.new(body)).read
+        body = decompress(body, limit: @http_config.decompression_size_limit)
+      rescue SizeLimitError
+        @logger.warn { "Decompressed payload exceeding decompression_size_limit" }
+        return response_payload_too_large
       rescue Zlib::Error => e
         @logger.warn { "Failed to decompress gzip payload: #{e.message}" }
         return response_bad_request(content_type)
@@ -83,6 +107,42 @@ def common(req, request_class, response_class)
     req.close
   end
 
+  def read_body(request, limit:)
+    body = +""
+    while (chunk = request.body_stream&.read)
+      body << chunk
+      if body.bytesize > limit
+        raise SizeLimitError, "Too large payload"
+      end
+    end
+    body
+  end
+
+  BYTES_TO_READ = 64 * 1024
+
+  def decompress(compressed_data, limit:)
+    io = StringIO.new(compressed_data)
+    out = +""
+    loop do
+      reader = Zlib::GzipReader.new(io)
+      while (chunk = reader.read(BYTES_TO_READ))
+        out << chunk
+        if out.bytesize > limit
+          raise SizeLimitError, "Decompressed data exceeds limit of #{limit} bytes"
+        end
+      end
+
+      unused = reader.unused
+      reader.finish
+      unless unused.nil?
+        adjust = unused.length
+        io.pos -= adjust
+      end
+      break if io.eof?
+    end
+    out
+  end
+
   def valid_content_type?(content_type)
     case content_type
     when Fluent::Plugin::Opentelemetry::CONTENT_TYPE_PROTOBUF, Fluent::Plugin::Opentelemetry::CONTENT_TYPE_JSON
@@ -106,6 +166,10 @@ def response_unsupported_media_type
     response(415, Fluent::Plugin::Opentelemetry::CONTENT_TYPE_PLAIN, "415 unsupported media type, supported: [application/json, application/x-protobuf]")
   end
 
+  def response_payload_too_large
+    response(413, Fluent::Plugin::Opentelemetry::CONTENT_TYPE_PLAIN, "413 Payload Too Large")
+  end
+
   def response_bad_request(content_type)
     response(400, content_type, "") # TODO: fix body message
   end
diff --git a/test/fluent/plugin/test_in_opentelemetry.rb b/test/fluent/plugin/test_in_opentelemetry.rb
@@ -32,11 +32,15 @@ def test_configure
       <http>
         bind 127.0.0.1
         port #{@port}
+        body_size_limit 12345
+        decompression_size_limit 123456
       </http>
     ])
     assert_equal "opentelemetry.test", d.instance.tag
     assert_equal "127.0.0.1", d.instance.http_config.bind
     assert_equal @port, d.instance.http_config.port
+    assert_equal 12345, d.instance.http_config.body_size_limit
+    assert_equal 123456, d.instance.http_config.decompression_size_limit
 
     if defined?(GRPC)
       d = create_driver(%[
diff --git a/test/fluent/plugin/test_in_opentelemetry_http.rb b/test/fluent/plugin/test_in_opentelemetry_http.rb
@@ -113,6 +113,74 @@ def test_receive_compressed_json
       assert_equal(expected_events, d.events)
     end
 
+    def test_body_size_limit
+      d = create_driver(<<~"CONFIG")
+        tag opentelemetry.test
+        <http>
+          bind 127.0.0.1
+          port #{@port}
+          body_size_limit #{TestData::JSON::LOGS.bytesize}
+        </http>
+      CONFIG
+
+      res = d.run(expect_records: 1) do
+        post_json("/v1/logs", TestData::JSON::LOGS)
+      end
+      expected_events = [["opentelemetry.test", @event_time, { "type" => "opentelemetry_logs", "message" => TestData::JSON::LOGS }]]
+      assert_equal(200, res.status)
+      assert_equal(expected_events, d.events)
+    end
+
+    def test_body_size_limit_too_large_payload
+      d = create_driver(<<~"CONFIG")
+        tag opentelemetry.test
+        <http>
+          bind 127.0.0.1
+          port #{@port}
+          body_size_limit #{TestData::JSON::LOGS.bytesize - 1}
+        </http>
+      CONFIG
+
+      res = d.run(expect_records: 0) do
+        post_json("/v1/logs", TestData::JSON::LOGS)
+      end
+      assert_equal(413, res.status)
+    end
+
+    def test_decompression_size_limit
+      d = create_driver(<<~"CONFIG")
+        tag opentelemetry.test
+        <http>
+          bind 127.0.0.1
+          port #{@port}
+          decompression_size_limit #{TestData::JSON::LOGS.bytesize}
+        </http>
+      CONFIG
+
+      res = d.run(expect_records: 1) do
+        post_json("/v1/logs", compress(TestData::JSON::LOGS), headers: { "Content-Encoding" => "gzip" })
+      end
+      expected_events = [["opentelemetry.test", @event_time, { "type" => "opentelemetry_logs", "message" => TestData::JSON::LOGS }]]
+      assert_equal(200, res.status)
+      assert_equal(expected_events, d.events)
+    end
+
+    def test_decompression_size_limit_too_large_payload
+      d = create_driver(<<~"CONFIG")
+        tag opentelemetry.test
+        <http>
+          bind 127.0.0.1
+          port #{@port}
+          decompression_size_limit #{TestData::JSON::LOGS.bytesize - 1}
+        </http>
+      CONFIG
+
+      res = d.run(expect_records: 0) do
+        post_json("/v1/logs", compress(TestData::JSON::LOGS), headers: { "Content-Encoding" => "gzip" })
+      end
+      assert_equal(413, res.status)
+    end
+
     data("metrics" => {
            request_path: "/v1/metrics",
            request_data: TestData::ProtocolBuffers::METRICS,
