X-Git-Url: http://git.annexia.org/?a=blobdiff_plain;f=src%2Finspect.c;h=962fd0092ae3818ba7cd495fa2053363e801caa2;hb=c3ae17cc79a4e8dd4be0a3ae65d33384c175573b;hp=d0041c8ed23f91f6557bc7e33b25aa81e83e1105;hpb=692f127447d399db21c2e93026d4d2b0ac1839d1;p=libguestfs.git
diff --git a/src/inspect.c b/src/inspect.c
index d0041c8..962fd00 100644
--- a/src/inspect.c
+++ b/src/inspect.c
@@ -950,6 +950,14 @@ check_windows_registry (guestfs_h *g, struct inspect_fs *fs)
 hive_h *h = NULL;
 hive_value_h *values = NULL;
+ /* Security: Refuse to download registry if it is huge. */
+ int64_t size = guestfs_filesize (g, software_path);
+ if (size == -1 || size > 100000000) {
+ error (g, _("size of %s unreasonable (%" PRIi64 " bytes)"),
+ software_path, size);
+ goto out;
+ }
+
 if (mkdtemp (dir) == NULL) {
 perrorf (g, "mkdtemp");
 goto out;
@@ -1020,7 +1028,7 @@ check_windows_registry (guestfs_h *g, struct inspect_fs *fs)
 if (fs->minor_version == -1) {
 free (key);
 free (version);
- return -1;
+ goto out;
 }
 }
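Review bot: The combined test `size == -1 || size > 100000000` in check_windows_registry reports a failed size lookup as "size of ... unreasonable (-1 bytes)", which probably replaces whatever error guestfs_filesize already recorded and makes a missing or unreadable hive look like an oversized one. Handle the cases separately, `if (size == -1) goto out;` first and the `error (...)` call only for `size > 100000000`, and give the limit a name such as `#define MAX_REGISTRY_SIZE (100 * 1000 * 1000)` with a comment stating why it exists. The new `goto out` runs before `mkdtemp (dir)` and the `out:` label is outside this hunk, so confirm its cleanup is safe while `dir` still holds the unexpanded template.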
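Review bot: With `goto out` replacing `return -1`, the failure status of this path depends on the value the function returns at `out:`, which is outside the hunk; confirm it still holds the error value here and has not been set to success earlier. `key` and `version` are freed immediately before the jump, so the cleanup at `out:` must not free them a second time. A short comment such as `/* leave via out: so the hive handle and temp directory are released */` would record why the early return was removed.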