Add latest changes from gitlab-org/gitlab@master

author: GitLab Bot <gitlab-bot@gitlab.com> 2023-11-13 18:13:52 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2023-11-13 18:13:52 +0300
commit: 191f3b52a9e0caa72f4e6f7224f0830ba3976d59 (patch)
tree: a65aa3f913284ca1cddba74fd9673261b899f031 /gems
parent: df592d51aeadc1b566abb600e283341876a8f064 (diff)
2 files changed, 20 insertions, 2 deletions
diff --git a/gems/gitlab-http/lib/gitlab/http_v2/url_blocker.rb b/gems/gitlab-http/lib/gitlab/http_v2/url_blocker.rb
index 878daf42d8a..99876c77953 100644
--- a/gems/gitlab-http/lib/gitlab/http_v2/url_blocker.rb
+++ b/gems/gitlab-http/lib/gitlab/http_v2/url_blocker.rb
@@ -7,6 +7,7 @@ require_relative 'url_allowlist'
 module Gitlab
   module HTTP_V2
     class UrlBlocker
+      GETADDRINFO_TIMEOUT_SECONDS = 15
       BlockedUrlError = Class.new(StandardError)
       HTTP_PROXY_ENV_VARS = %w[http_proxy https_proxy HTTP_PROXY HTTPS_PROXY].freeze
 
@@ -192,9 +193,13 @@ module Gitlab
         #
         # @return [Array<Addrinfo>]
         def get_address_info(uri)
-          Addrinfo.getaddrinfo(uri.hostname, get_port(uri), nil, :STREAM).map do |addr|
-            addr.ipv6_v4mapped? ? addr.ipv6_to_ipv4 : addr
+          Timeout.timeout(GETADDRINFO_TIMEOUT_SECONDS) do
+            Addrinfo.getaddrinfo(uri.hostname, get_port(uri), nil, :STREAM).map do |addr|
+              addr.ipv6_v4mapped? ? addr.ipv6_to_ipv4 : addr
+            end
           end
+        rescue Timeout::Error => e
+          raise Gitlab::HTTP_V2::UrlBlocker::BlockedUrlError, e.message
         rescue ArgumentError => e
           # Addrinfo.getaddrinfo errors if the domain exceeds 1024 characters.
           raise unless e.message.include?('hostname too long')
diff --git a/gems/gitlab-http/spec/gitlab/http_v2/url_blocker_spec.rb b/gems/gitlab-http/spec/gitlab/http_v2/url_blocker_spec.rb
index e47098e6f74..904fed9baef 100644
--- a/gems/gitlab-http/spec/gitlab/http_v2/url_blocker_spec.rb
+++ b/gems/gitlab-http/spec/gitlab/http_v2/url_blocker_spec.rb
@@ -214,6 +214,19 @@ RSpec.describe Gitlab::HTTP_V2::UrlBlocker, :stub_invalid_dns_only, feature_cate
       end
     end
 
+    context 'when resolving runs into a timeout' do
+      let(:import_url) { 'http://example.com' }
+
+      before do
+        stub_const("#{described_class}::GETADDRINFO_TIMEOUT_SECONDS", 1)
+        allow(Addrinfo).to receive(:getaddrinfo) { sleep 2 }
+      end
+
+      it 'raises an error due to DNS timeout' do
+        expect { subject }.to raise_error(Gitlab::HTTP_V2::UrlBlocker::BlockedUrlError, "execution expired")
+      end
+    end
+
     context 'when the URL hostname is a domain' do
       context 'when domain can be resolved' do
         let(:import_url) { 'https://example.org' }
author	GitLab Bot <gitlab-bot@gitlab.com>	2023-11-13 18:13:52 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2023-11-13 18:13:52 +0300
commit	191f3b52a9e0caa72f4e6f7224f0830ba3976d59 (patch)
tree	a65aa3f913284ca1cddba74fd9673261b899f031 /gems
parent	df592d51aeadc1b566abb600e283341876a8f064 (diff)