From 37c1160b2360074d20858792f23a7eb3afeabebd Mon Sep 17 00:00:00 2001
From: Aaron Patterson
Date: Thu, 1 Nov 2018 14:58:04 -0700
Subject: [PATCH] Reduce buffer size to avoid pathological parsing [CVE-2018-16470]

Revert "Merge pull request #1192 from jkowens/master"

This reverts commit c43217a81917de03aa6ceb1aa485ae69b8bb4598.
---
 lib/rack/multipart/parser.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/rack/multipart/parser.rb b/lib/rack/multipart/parser.rb
index c02e26f..a19d6ea 100644
--- a/lib/rack/multipart/parser.rb
+++ b/lib/rack/multipart/parser.rb
@@ -5,7 +5,7 @@ module Rack
 class MultipartPartLimitError < Errno::EMFILE; end

 class Parser
- BUFSIZE = 1_048_576
+ BUFSIZE = 16384
 TEXT_PLAIN = "text/plain"
 TEMPFILE_FACTORY = lambda { |filename, content_type|
 Tempfile.new(["RackMultipart", ::File.extname(filename.gsub("\0".freeze, '%00'.freeze))])
-- 
2.17.0
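Review bot: The new `BUFSIZE = 16384` line carries no comment saying why the value has to stay small, and the constant was apparently already raised once by the reverted #1192, so a later performance-minded change could reintroduce the problem. A one-line comment above it would record the constraint, e.g. `# Keep small: a large read buffer makes parsing of crafted multipart bodies pathologically slow (CVE-2018-16470).` The diffstat shows only parser.rb changed, so no regression test accompanies the revert; a test that bounds parse time or work for a large multipart body would catch a future increase. The Parser class body continues outside the hunk, so how BUFSIZE is consumed cannot be checked from here.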