inspect: Refuse to parse /etc/fstab if it is huge.
authorRichard W.M. Jones <rjones@redhat.com>
Sat, 13 Nov 2010 14:49:37 +0000 (14:49 +0000)
committerRichard W.M. Jones <rjones@redhat.com>
Thu, 18 Nov 2010 11:55:06 +0000 (11:55 +0000)
(cherry picked from commit 692f127447d399db21c2e93026d4d2b0ac1839d1)

src/inspect.c

index 79b43e9..09dcecf 100644 (file)
@@ -580,6 +580,14 @@ static int
 check_fstab (guestfs_h *g, struct inspect_fs *fs)
 {
   int r;
+  int64_t size;
+
+  /* Security: Refuse to do this if /etc/fstab is huge. */
+  size = guestfs_filesize (g, "/etc/fstab");
+  if (size == -1 || size > 100000) {
+    error (g, _("size of /etc/fstab unreasonable (%" PRIi64 " bytes)"), size);
+    return -1;
+  }
 
   /* XXX What if !feature_available (g, "augeas")? */
   if (guestfs_aug_init (g, "/", 16|32) == -1)