check_fstab (guestfs_h *g, struct inspect_fs *fs)
{
int r;
+ int64_t size;
+
+ /* Security: Refuse to do this if /etc/fstab is huge. */
+ size = guestfs_filesize (g, "/etc/fstab");
+ if (size == -1 || size > 100000) {
+ error (g, _("size of /etc/fstab unreasonable (%" PRIi64 " bytes)"), size);
+ return -1;
+ }
/* XXX What if !feature_available (g, "augeas")? */
if (guestfs_aug_init (g, "/", 16|32) == -1)
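Review bot: The added guard treats `size == -1` the same as an oversized file, so a failed guestfs_filesize call is reported as "size of /etc/fstab unreasonable (-1 bytes)" instead of the real cause. If guestfs_filesize records its own error (not visible in this hunk), this message may also replace it. Splitting the test keeps the two cases apart: `if (size == -1) return -1;` followed by `if (size > MAX_FSTAB_SIZE) { error (...); return -1; }`, where `MAX_FSTAB_SIZE` is a proposed named constant for the literal 100000, with a comment saying why that bound was chosen. The registry hunk (`size > 100000000`, checked before `mkdtemp`) has the same pattern and would take the same split using `goto out`. check_fstab's body continues outside the hunk.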
hive_h *h = NULL;
hive_value_h *values = NULL;
+ /* Security: Refuse to download registry if it is huge. */
+ int64_t size = guestfs_filesize (g, software_path);
+ if (size == -1 || size > 100000000) {
+ error (g, _("size of %s unreasonable (%" PRIi64 " bytes)"),
+ software_path, size);
+ goto out;
+ }
+
if (mkdtemp (dir) == NULL) {
perrorf (g, "mkdtemp");
goto out;