From 3866fe78d2558cad8de0eda15c5ffe1b28edc9ca Mon Sep 17 00:00:00 2001
From: Chao Xu
Date: Tue, 12 Feb 2019 23:37:01 -0800
Subject: [PATCH] Limit the number of operations in a single json patch to be 10,000

Kubernetes-commit: 5e6fc5dce8b12c5ce80e016b208a51c81a8c9ce8
---
 pkg/endpoints/handlers/patch.go | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/pkg/endpoints/handlers/patch.go b/pkg/endpoints/handlers/patch.go
index 4c2fdeea8..b257eadd4 100644
--- a/pkg/endpoints/handlers/patch.go
+++ b/pkg/endpoints/handlers/patch.go
@@ -49,6 +49,11 @@ import (
 utiltrace "k8s.io/utils/trace"
 )
 
+const (
+ // maximum number of operations a single json patch may contain.
+ maxJSONPatchOperations = 10000
+)
+
 // PatchResource returns a function that will handle a resource patch.
 func PatchResource(r rest.Patcher, scope RequestScope, admit admission.Interface, patchTypes []string) http.HandlerFunc {
 return func(w http.ResponseWriter, req *http.Request) {
@@ -331,6 +336,11 @@ func (p *jsonPatcher) applyJSPatch(versionedJS []byte) (patchedJS []byte, retErr
 if err != nil {
 return nil, errors.NewBadRequest(err.Error())
 }
+ if len(patchObj) > maxJSONPatchOperations {
+ return nil, errors.NewRequestEntityTooLargeError(
+ fmt.Sprintf("The allowed maximum operations in a JSON patch is %d, got %d",
+ maxJSONPatchOperations, len(patchObj)))
+ }
 patchedJS, err := patchObj.Apply(versionedJS)
 if err != nil {
 return nil, errors.NewGenericServerResponse(http.StatusUnprocessableEntity, "", schema.GroupResource{}, "", err.Error(), 0, false)
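Review bot: The new `len(patchObj) > maxJSONPatchOperations` check in applyJSPatch runs only after the patch has already been decoded into `patchObj`, so it bounds the work done by `patchObj.Apply` but not the memory and CPU spent parsing an oversized body; the function starts and ends outside this hunk, so please confirm that the request body size is capped before the decode call. A cap on the number of operations also does not bound how large the document can grow while they are applied, so a size limit on the patched result would complement it. The commit touches only patch.go, so a test pinning the boundary is missing: exactly `maxJSONPatchOperations` operations accepted, one more rejected with 413. I would also state the intent on the check itself, e.g. `// Bounds the work done by Apply; the body size must be limited before decoding.`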