In the foundation/keystore/keystore.go we have:

I don't get the logic behind this 1MB limit and the explanation with the "shenanigans like linking" argument. Some references about this reasoning?

Thx!

Im pretty sure this is for protection. If you were to pass in /dev/random it would use all your memory. Looking closer, if you pass in /dev/random it would use a 1MB sample from /dev/random/. Without LimitReader, io.ReadAll will keep reading from /dev/random until you run out of mem.

Im pretty sure this is for protection. If you were to pass in /dev/random it would use all your memory. Looking closer, if you pass in /dev/random it would use a 1MB sample from /dev/random/. Without LimitReader, io.ReadAll will keep reading from /dev/random until you run out of mem.

Oh, you mean like if the io.ReadAll would not read a PEM file and would read something else like "/dev/random" you would have protection with the io.LimitReader to don't fill the memory with whatever that "/dev/random" contains (it could be a big file maybe).

Yes exactly. This is also useful for reading a response body in http server with ReadAll.

/dev/random on Linux just spits out random data forever. You could use /dev/random to overwrite your hard drive to "secure wipe" it clean.

So I think here, hes saying 1MB is plenty big enough to read in the PEM file.