path: root/tests/test_nsjail.py
author    Sebastiaan Zeeff <[email protected]>  2020-11-20 14:21:14 +0100
committer Sebastiaan Zeeff <[email protected]>  2020-11-20 14:21:14 +0100
commit    5639a400e633a48c8564a61a035485933229d4f5
tree      7ff8ed3064d1345688dd7eeda01c03f13cbe25c9 /tests/test_nsjail.py
parent    Set maximum file size to 10Mb through rlimit_fsize
Limit STDOUT to prevent OOM events in container
Recently, we discovered that for some code inputs, snekbox would get into an OOM event on the container level, seemingly bypassing the memory restrictions laid on code execution by NSJail.

After investigating the issue, we identified the culprit to be the STDOUT pipe we use to get output back from NSJail: as output is piped out of the jailed process, it will be gathered outside of the NSJail in the main container process instead. This meant that our initial attempts at limiting the allowed filesize within the NSJail failed, as the OOM happened outside of the jailed environment.

To mitigate the issue, I've written a loop that consumes the STDOUT pipe in chunks of 100 characters. Once the size of the accrued output reaches a certain limit (currently set to 1 MB), we send a SIGTERM signal to NSJail to terminate itself. The output up to that point will be relayed back to the caller.

A minimal code snippet to trigger the event and the mitigation:

```py
while True:
    print(" ")
```

I've included a test for this vulnerability in `tests/test_nsjail.py`.
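The mitigation the commit message describes, as an added, stand-alone illustration that is not snekbox's own code: the parent reads the child's stdout pipe in fixed-size chunks, keeps a running byte count, and sends SIGTERM once the count reaches the cap, so the parent never buffers an unbounded stream. A plain Python child process stands in for NSJail here (an assumption for the example; NSJail is not involved), the `100`-byte chunk and `1 MB` cap are the values stated in the message, and `run_with_output_cap`, `FLOOD_CMD` and `QUIET_CMD` are names invented for this example.

```python
import signal
import subprocess
import sys

# Values taken from the commit message: 100-byte reads, 1 MB cap.
CHUNK_SIZE = 100
OUTPUT_LIMIT = 1_000_000

# On POSIX, Popen reports a child killed by SIGTERM as a negative return code.
# A shell-style 128 + 15 = 143 (as in the test in this commit) is the same fact.
SIGTERM_CODE = -signal.SIGTERM

# Constructed stand-ins for a jailed process (assumption: plain Python
# children rather than NSJail). FLOOD_CMD is the trigger from the message.
FLOOD_CMD = [sys.executable, "-c", "while True: print('abcdefghij')"]
QUIET_CMD = [sys.executable, "-c", "print('hello')"]


def run_with_output_cap(args, limit=OUTPUT_LIMIT, chunk_size=CHUNK_SIZE, timeout=30):
    """Run `args`, consume its stdout in `chunk_size` reads, and SIGTERM it once
    `limit` bytes have accrued.

    Returns (returncode, stdout_bytes). Only the bytes read before the cap are
    relayed; whatever is still in the pipe when the child dies is discarded.
    Reading incrementally is what keeps the parent's memory bounded: it holds
    at most `limit` plus one chunk, instead of the child's entire output.
    """
    proc = subprocess.Popen(args, stdout=subprocess.PIPE, stderr=subprocess.DEVNULL)
    chunks = []
    total = 0
    try:
        while total < limit:
            chunk = proc.stdout.read(chunk_size)
            if not chunk:  # EOF: the child closed stdout, i.e. it exited on its own
                break
            chunks.append(chunk)
            total += len(chunk)
        else:
            # Cap reached: stop reading and ask the child to terminate. A child
            # blocked on the now-full pipe still dies, since SIGTERM's default
            # action does not wait for the write to complete.
            proc.terminate()
        try:
            returncode = proc.wait(timeout=timeout)
        except subprocess.TimeoutExpired:
            proc.kill()  # SIGTERM was ignored or handled: escalate to SIGKILL
            returncode = proc.wait()
    finally:
        proc.stdout.close()
    return returncode, b"".join(chunks)


if __name__ == "__main__":
    rc, out = run_with_output_cap(FLOOD_CMD, limit=5_000)
    label = "SIGTERM" if rc == SIGTERM_CODE else "other"
    print(f"flood: returncode={rc} ({label}), relayed {len(out)} bytes")
    rc, out = run_with_output_cap(QUIET_CMD)
    print(f"quiet: returncode={rc}, output={out!r}")
```

The cap is checked against bytes read, not lines, so a payload that prints one very long line is handled the same way as the `while True: print(...)` loop. The SIGKILL fallback covers a child that traps SIGTERM; without it the parent would hang in `wait()` while the child sits blocked on a full pipe.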
Diffstat (limited to 'tests/test_nsjail.py')
-rw-r--r-- tests/test_nsjail.py | 9 +++++++++
1 files changed, 9 insertions, 0 deletions
diff --git a/tests/test_nsjail.py b/tests/test_nsjail.py
index 0b755b2..852be4b 100644
--- a/tests/test_nsjail.py
+++ b/tests/test_nsjail.py
@@ -174,3 +174,12 @@ class NsJailTests(unittest.TestCase):
msg="stdout does not come before stderr"
)
self.assertEqual(result.stderr, None)
+
+ def test_stdout_flood_results_in_graceful_sigterm(self):
+ stdout_flood = dedent("""
+ while True:
+ print('abcdefghij')
+ """).strip()
+
+ result = self.nsjail.python3(stdout_flood)
+ self.assertEqual(result.returncode, 143)
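Review bot: the only assertion in the new test, `self.assertEqual(result.returncode, 143)`, checks the exit status but not the property the commit message promises, that the output accrued up to the cap is relayed back and bounded, so a regression that drops stdout entirely or lets it grow past the limit would still pass. Suggest adding assertions on `result.stdout` (non-empty, and no larger than the 1 MB limit plus one 100-character chunk) next to the returncode check, and a one-line comment that 143 is 128 + SIGTERM (15) so the magic number is explained. Since the payload is an infinite loop, a timeout on the `python3` call would also make a broken mitigation fail the test instead of hanging the suite.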