todo: live CD inspection

[libguestfs.git] / src / inspect.c

diff --git a/src/inspect.c b/src/inspect.c
index 3c4c619..962fd00 100644 (file)
--- a/src/inspect.c
+++ b/src/inspect.c
@@ -629,6 +629,14 @@ static int
 check_fstab (guestfs_h *g, struct inspect_fs *fs)
 {
   int r;
+  int64_t size;
+
+  /* Security: Refuse to do this if /etc/fstab is huge. */
+  size = guestfs_filesize (g, "/etc/fstab");
+  if (size == -1 || size > 100000) {
+    error (g, _("size of /etc/fstab unreasonable (%" PRIi64 " bytes)"), size);
+    return -1;
+  }
 
   /* XXX What if !feature_available (g, "augeas")? */
   if (guestfs_aug_init (g, "/", 16|32) == -1)
@@ -942,6 +950,14 @@ check_windows_registry (guestfs_h *g, struct inspect_fs *fs)
   hive_h *h = NULL;
   hive_value_h *values = NULL;
 
+  /* Security: Refuse to download registry if it is huge. */
+  int64_t size = guestfs_filesize (g, software_path);
+  if (size == -1 || size > 100000000) {
+    error (g, _("size of %s unreasonable (%" PRIi64 " bytes)"),
+           software_path, size);
+    goto out;
+  }
+
   if (mkdtemp (dir) == NULL) {
     perrorf (g, "mkdtemp");
     goto out;
@@ -1012,7 +1028,7 @@ check_windows_registry (guestfs_h *g, struct inspect_fs *fs)
         if (fs->minor_version == -1) {
           free (key);
           free (version);
-          return -1;
+          goto out;
         }
       }