#include "byte_conversions.h"
/* These limits are in place to stop really stupid stuff and/or exploits. */
-#define HIVEX_MAX_SUBKEYS 10000
-#define HIVEX_MAX_VALUES 1000
+#define HIVEX_MAX_SUBKEYS 15000
+#define HIVEX_MAX_VALUES 10000
#define HIVEX_MAX_VALUE_LEN 1000000
#define HIVEX_MAX_ALLOCATION 1000000
/* Arbitrarily limit the number of subkeys we will ever deal with. */
if (nr_subkeys_in_nk > HIVEX_MAX_SUBKEYS) {
+ if (h->msglvl >= 2)
+ fprintf (stderr, "hivex: get_children: returning ERANGE because nr_subkeys_in_nk > HIVEX_MAX_SUBKEYS (%zu > %d)\n",
+ nr_subkeys_in_nk, HIVEX_MAX_SUBKEYS);
errno = ERANGE;
goto error;
}
/* Arbitrarily limit the number of values we will ever deal with. */
if (nr_values > HIVEX_MAX_VALUES) {
+ if (h->msglvl >= 2)
+ fprintf (stderr, "hivex: get_values: returning ERANGE because nr_values > HIVEX_MAX_VALUES (%zu > %d)\n",
+ nr_values, HIVEX_MAX_VALUES);
errno = ERANGE;
goto error;
}
/* Arbitrarily limit the length that we will read. */
if (len > HIVEX_MAX_VALUE_LEN) {
+ if (h->msglvl >= 2)
+ fprintf (stderr, "hivex_value_value: returning ERANGE because data length > HIVEX_MAX_VALUE_LEN (%zu > %d)\n",
+ len, HIVEX_MAX_SUBKEYS);
errno = ERANGE;
return NULL;
}
struct ntreg_hbin_block *blockhdr =
(struct ntreg_hbin_block *) (h->addr + offset);
+ memset (blockhdr, 0, seg_len);
+
blockhdr->seg_len = htole32 (- (int32_t) seg_len);
if (id[0] && id[1] && seg_len >= sizeof (struct ntreg_hbin_block)) {
blockhdr->id[0] = id[0];