inspect: Refuse to download software hive if it is huge.
authorRichard W.M. Jones <rjones@redhat.com>
Sat, 13 Nov 2010 14:54:52 +0000 (14:54 +0000)
committerRichard W.M. Jones <rjones@redhat.com>
Thu, 18 Nov 2010 11:55:13 +0000 (11:55 +0000)
(cherry picked from commit e44cf42f362d793c47d892a18a6853d88abd6ecb)

src/inspect.c

index 09dcecf..f4f13dd 100644 (file)
@@ -875,6 +875,14 @@ check_windows_registry (guestfs_h *g, struct inspect_fs *fs)
   hive_h *h = NULL;
   hive_value_h *values = NULL;
 
+  /* Security: Refuse to download registry if it is huge. */
+  int64_t size = guestfs_filesize (g, software_path);
+  if (size == -1 || size > 100000000) {
+    error (g, _("size of %s unreasonable (%" PRIi64 " bytes)"),
+           software_path, size);
+    goto out;
+  }
+
   if (mkdtemp (dir) == NULL) {
     perrorf (g, "mkdtemp");
     goto out;
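Review bot: The guard `if (size == -1 || size > 100000000)` folds a failed guestfs_filesize() call into the oversize case, so a lookup failure is reported as "size of … unreasonable (-1 bytes)"; if guestfs_filesize() already records its own error on the handle (not visible in this hunk), the real cause is replaced by a misleading one. Split the two cases: `if (size == -1) goto out;` followed by `if (size > MAX_REGISTRY_SIZE) { error (...); goto out; }`, where `MAX_REGISTRY_SIZE` is a suggested name for a constant holding the 100000000 limit, so the security bound is defined and documented in one place. The check bounds the size only at the moment it is made, and the download it protects is outside the hunk, so it is worth confirming that the download cannot read more than the checked size if the guest file changes or is not a regular file. check_windows_registry starts and ends outside the hunk.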