git.annexia.org
/
libguestfs.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Version 1.10.11.
[libguestfs.git]
/
src
/
filearch.c
diff --git
a/src/filearch.c
b/src/filearch.c
index
35a2ceb
..
14c7c02
100644
(file)
--- a/
src/filearch.c
+++ b/
src/filearch.c
@@
-147,6
+147,14
@@
cpio_arch (guestfs_h *g, const char *file, const char *path)
else
method = "cat";
else
method = "cat";
+ /* Security: Refuse to download initrd if it is huge. */
+ int64_t size = guestfs_filesize (g, path);
+ if (size == -1 || size > 100000000) {
+ error (g, _("size of %s unreasonable (%" PRIi64 " bytes)"),
+ path, size);
+ goto out;
+ }
+
if (mkdtemp (dir) == NULL) {
perrorf (g, "mkdtemp");
goto out;
if (mkdtemp (dir) == NULL) {
perrorf (g, "mkdtemp");
goto out;