Fix for an Issue #139

lib/core/settings.py

@@ -502,6 +502,9 @@ DNS_BOUNDARIES_ALPHABET = re.sub("[a-fA-F]", "", string.letters)
 # Connection chunk size (processing large responses in chunks to avoid MemoryError crashes - e.g. large table dump in full UNION/inband injections)
 MAX_CONNECTION_CHUNK_SIZE = 10 * 1024 * 1024
 
+# Maximum response total page size (trimmed if larger)
+MAX_CONNECTION_TOTAL_SIZE = 100 * 1024 * 1024
+
 # Mark used for trimming unnecessary content in large chunks
 LARGE_CHUNK_TRIM_MARKER = "__TRIMMED_CONTENT__"
 

lib/request/connect.py

@@ -51,6 +51,7 @@ from lib.core.settings import HTTP_ACCEPT_HEADER_VALUE
 from lib.core.settings import HTTP_ACCEPT_ENCODING_HEADER_VALUE
 from lib.core.settings import HTTP_SILENT_TIMEOUT
 from lib.core.settings import MAX_CONNECTION_CHUNK_SIZE
+from lib.core.settings import MAX_CONNECTION_TOTAL_SIZE
 from lib.core.settings import META_REFRESH_REGEX
 from lib.core.settings import MIN_TIME_RESPONSES
 from lib.core.settings import IS_WIN
@@ -139,6 +140,11 @@ class Connect:
                         retVal += _
                         break
 
+                    if len(retVal) > MAX_CONNECTION_TOTAL_SIZE:
+                        warnMsg = "too large response detected. Automatically trimming it"
+                        singleTimeWarnMessage(warnMsg)
+                        break
+
         return retVal
 
     @staticmethod