feat(io): added Reader::readUntilBounded() method (#620)

Author: azjezz

CHANGELOG.md

@@ -1,5 +1,12 @@
 # Changelog
 
+## 5.5.0
+
+### features
+
+- feat(io): added `Reader::readUntilBounded(string $suffix, int $max_bytes, ?Duration $timeout)` method, which reads until a suffix is found, but throws `IO\Exception\OverflowException` if the content exceeds `$max_bytes` before the suffix is encountered.
+- feat(io): added `IO\Exception\OverflowException` exception class.
+
 ## 5.4.0
 
 ### features

docs/content/io/io.md

@@ -41,6 +41,12 @@ In non-CLI SAPIs, `input_handle()` reads from `php://input` and `output_handle()
 
 @example('io/io-reader.php')
 
+### Bounded Reads
+
+`Reader::readUntilBounded()` works like `readUntil()` but enforces a maximum byte limit. If the suffix is not found within `$max_bytes`, an `IO\Exception\OverflowException` is thrown. This prevents unbounded memory consumption when reading from untrusted sources — for example, capping HTTP header lines to a safe size so a malicious client cannot exhaust memory by sending an endless line.
+
+@example('io/io-reader-bounded.php')
+
 ## Spool
 
 `IO\spool()` creates a handle that writes to memory until a threshold is reached (default 2MB), then transparently spools to a temporary file on disk. This is useful when buffering data of unknown size without risking excessive memory usage.

docs/examples/io/io-reader-bounded.php

@@ -0,0 +1,28 @@
+<?php
+
+declare(strict_types=1);
+
+require_once __DIR__ . '/../../../vendor/autoload.php';
+
+use Psl\IO;
+
+$handle = new IO\MemoryHandle("GET / HTTP/1.1\r\nHost: example.com\r\n\r\nbody");
+$reader = new IO\Reader($handle);
+
+// Read the request line, capped at 8192 bytes
+$requestLine = $reader->readUntilBounded("\r\n", 8192);
+IO\write_line('Request line: %s', $requestLine ?? '<not found>');
+
+// Read a header line, capped at 4096 bytes
+$header = $reader->readUntilBounded("\r\n", 4096);
+IO\write_line('Header: %s', $header ?? '<not found>');
+
+// If the line exceeds the limit, OverflowException is thrown:
+$tinyHandle = new IO\MemoryHandle("this line is way too long\r\n");
+$tinyReader = new IO\Reader($tinyHandle);
+
+try {
+    $tinyReader->readUntilBounded("\r\n", 5);
+} catch (IO\Exception\OverflowException $e) {
+    IO\write_line('Caught: %s', $e->getMessage());
+}

src/Psl/IO/Exception/OverflowException.php

@@ -0,0 +1,9 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Psl\IO\Exception;
+
+use Psl\Exception;
+
+class OverflowException extends Exception\OverflowException implements ExceptionInterface {}

src/Psl/IO/Reader.php

@@ -207,6 +207,97 @@ public function readUntil(string $suffix, null|Duration $timeout = null): null|s
         return substr($buf, 0, $idx);
     }
 
+    /**
+     * Read until the specified suffix is seen, with a maximum number of bytes to read.
+     *
+     * The trailing suffix is read (so won't be returned by other calls), but is not
+     * included in the return value.
+     *
+     * This call returns null if the suffix is not seen before EOF.
+     *
+     * @param positive-int $max_bytes Maximum number of bytes to read before throwing OverflowException.
+     *
+     * @throws Exception\AlreadyClosedException If the handle has been already closed.
+     * @throws Exception\RuntimeException If an error occurred during the operation.
+     * @throws Exception\TimeoutException If $timeout is reached before being able to read from the handle.
+     * @throws Exception\OverflowException If $max_bytes is exceeded without finding the suffix.
+     */
+    public function readUntilBounded(string $suffix, int $max_bytes, null|Duration $timeout = null): null|string
+    {
+        $buf = $this->buffer;
+        $suffix_len = strlen($suffix);
+        $idx = strpos($buf, $suffix);
+        if (false !== $idx) {
+            if ($idx > $max_bytes) {
+                throw new Exception\OverflowException(Str\format(
+                    'Exceeded maximum byte limit (%d) before encountering the suffix ("%s").',
+                    $max_bytes,
+                    $suffix,
+                ));
+            }
+
+            $this->buffer = substr($buf, $idx + $suffix_len);
+            return substr($buf, 0, $idx);
+        }
+
+        if (strlen($buf) > $max_bytes) {
+            throw new Exception\OverflowException(Str\format(
+                'Exceeded maximum byte limit (%d) before encountering the suffix ("%s").',
+                $max_bytes,
+                $suffix,
+            ));
+        }
+
+        $timer = new Async\OptionalIncrementalTimeout($timeout, static function () use ($suffix): void {
+            // @codeCoverageIgnoreStart
+            throw new Exception\TimeoutException(Str\format(
+                "Reached timeout before encountering the suffix (\"%s\").",
+                $suffix,
+            ));
+            // @codeCoverageIgnoreEnd
+        });
+
+        do {
+            $offset = strlen($buf) - $suffix_len + 1;
+            $offset = $offset > 0 ? $offset : 0;
+            $chunk = $this->handle->read(null, $timer->getRemaining());
+            if ('' === $chunk) {
+                $this->buffer = $buf;
+                return null;
+            }
+
+            $buf .= $chunk;
+            $idx = strpos($buf, $suffix, $offset);
+
+            if (false !== $idx) {
+                if ($idx > $max_bytes) {
+                    $this->buffer = $buf;
+                    throw new Exception\OverflowException(Str\format(
+                        'Exceeded maximum byte limit (%d) before encountering the suffix ("%s").',
+                        $max_bytes,
+                        $suffix,
+                    ));
+                }
+
+                break;
+            }
+
+            if (strlen($buf) > $max_bytes) {
+                $this->buffer = $buf;
+                throw new Exception\OverflowException(Str\format(
+                    'Exceeded maximum byte limit (%d) before encountering the suffix ("%s").',
+                    $max_bytes,
+                    $suffix,
+                ));
+            }
+        } while (true);
+
+        /** @var int<0, max> $idx*/
+        $this->buffer = substr($buf, $idx + $suffix_len);
+
+        return substr($buf, 0, $idx);
+    }
+
     /**
      * {@inheritDoc}
      */

src/Psl/Internal/Loader.php

@@ -1093,6 +1093,7 @@ final class Loader
         'Psl\\Filesystem\\Exception\\NotReadableException' => 'Psl/Filesystem/Exception/NotReadableException.php',
         'Psl\\IO\\Exception\\AlreadyClosedException' => 'Psl/IO/Exception/AlreadyClosedException.php',
         'Psl\\IO\\Exception\\RuntimeException' => 'Psl/IO/Exception/RuntimeException.php',
+        'Psl\\IO\\Exception\\OverflowException' => 'Psl/IO/Exception/OverflowException.php',
         'Psl\\IO\\Exception\\TimeoutException' => 'Psl/IO/Exception/TimeoutException.php',
         'Psl\\IO\\Internal\\ResourceHandle' => 'Psl/IO/Internal/ResourceHandle.php',
         'Psl\\IO\\Reader' => 'Psl/IO/Reader.php',

tests/unit/IO/ReaderTest.php

@@ -94,6 +94,113 @@ public function testReadSome(): void
         static::assertSame('', $reader->read());
     }
 
+    public function testReadUntilBoundedFindsPrefix(): void
+    {
+        $handle = new IO\MemoryHandle('hello\r\nworld');
+        $reader = new IO\Reader($handle);
+
+        static::assertSame('hello', $reader->readUntilBounded('\r\n', 100));
+        static::assertSame('world', $reader->read());
+    }
+
+    public function testReadUntilBoundedReturnsNullOnEof(): void
+    {
+        $handle = new IO\MemoryHandle('hello');
+        $reader = new IO\Reader($handle);
+
+        static::assertNull($reader->readUntilBounded('@', 100));
+    }
+
+    public function testReadUntilBoundedThrowsOverflowWhenBufferExceedsMaxBeforeRead(): void
+    {
+        $handle = new IO\MemoryHandle('aaaaaaaaaa\r\n');
+        $reader = new IO\Reader($handle);
+
+        $this->expectException(IO\Exception\OverflowException::class);
+        $this->expectExceptionMessage('Exceeded maximum byte limit (5) before encountering the suffix ("\r\n").');
+
+        $reader->readUntilBounded('\r\n', 5);
+    }
+
+    public function testReadUntilBoundedThrowsOverflowWhenSuffixFoundBeyondMax(): void
+    {
+        $handle = new IO\MemoryHandle('abcdefghij:end');
+        $reader = new IO\Reader($handle);
+
+        $this->expectException(IO\Exception\OverflowException::class);
+        $this->expectExceptionMessage('Exceeded maximum byte limit (3) before encountering the suffix (":end").');
+
+        $reader->readUntilBounded(':end', 3);
+    }
+
+    public function testReadUntilBoundedExactMaxBytes(): void
+    {
+        $handle = new IO\MemoryHandle('abcde:end');
+        $reader = new IO\Reader($handle);
+
+        static::assertSame('abcde', $reader->readUntilBounded(':end', 5));
+    }
+
+    public function testReadUntilBoundedSuffixAtStart(): void
+    {
+        $handle = new IO\MemoryHandle(':endrest');
+        $reader = new IO\Reader($handle);
+
+        static::assertSame('', $reader->readUntilBounded(':end', 10));
+        static::assertSame('rest', $reader->read());
+    }
+
+    public function testReadUntilBoundedMultipleSuffixes(): void
+    {
+        $handle = new IO\MemoryHandle('ab|cd|ef');
+        $reader = new IO\Reader($handle);
+
+        static::assertSame('ab', $reader->readUntilBounded('|', 100));
+        static::assertSame('cd', $reader->readUntilBounded('|', 100));
+        static::assertNull($reader->readUntilBounded('|', 100));
+    }
+
+    public function testReadUntilBoundedPreservesBufferAfterOverflow(): void
+    {
+        $handle = new IO\MemoryHandle('toolongcontent:endfoo');
+        $reader = new IO\Reader($handle);
+
+        try {
+            $reader->readUntilBounded(':end', 3);
+            static::fail('Expected OverflowException');
+        } catch (IO\Exception\OverflowException) {
+            static::addToAssertionCount(1);
+        }
+
+        static::assertSame('toolongcontent:endfoo', $reader->read());
+    }
+
+    public function testReadUntilBoundedSingleByteSuffix(): void
+    {
+        $handle = new IO\MemoryHandle('abc\ndef');
+        $reader = new IO\Reader($handle);
+
+        static::assertSame('abc', $reader->readUntilBounded('\n', 10));
+        static::assertSame('def', $reader->read());
+    }
+
+    public function testReadUntilBoundedEmptyHandle(): void
+    {
+        $handle = new IO\MemoryHandle('');
+        $reader = new IO\Reader($handle);
+
+        static::assertNull($reader->readUntilBounded(':end', 100));
+    }
+
+    public function testReadUntilBoundedMaxBytesExactlyAtSuffix(): void
+    {
+        $handle = new IO\MemoryHandle('abc|rest');
+        $reader = new IO\Reader($handle);
+
+        static::assertSame('abc', $reader->readUntilBounded('|', 3));
+        static::assertSame('rest', $reader->read());
+    }
+
     public function testReadUntilInvalidSuffix(): void
     {
         $handle = new IO\MemoryHandle('hello');