if (product_name == NULL)
return -1;
if (product_name[0] == NULL) {
- error (g, "%s: file is empty", release_filename);
+ error (g, _("%s: file is empty"), release_filename);
guestfs___free_string_list (product_name);
return -1;
}
check_fstab (guestfs_h *g, struct inspect_fs *fs)
{
int r;
+ int64_t size;
+
+ /* Security: Refuse to do this if /etc/fstab is huge. */
+ size = guestfs_filesize (g, "/etc/fstab");
+ if (size == -1 || size > 100000) {
+ error (g, _("size of /etc/fstab unreasonable (%" PRIi64 " bytes)"), size);
+ return -1;
+ }
/* XXX What if !feature_available (g, "augeas")? */
if (guestfs_aug_init (g, "/", 16|32) == -1)
return -1;
if (lines[0] == NULL) {
- error (g, "could not parse /etc/fstab or empty file");
+ error (g, _("could not parse /etc/fstab or empty file"));
guestfs___free_string_list (lines);
return -1;
}
hive_h *h = NULL;
hive_value_h *values = NULL;
+ /* Security: Refuse to download registry if it is huge. */
+ int64_t size = guestfs_filesize (g, software_path);
+ if (size == -1 || size > 100000000) {
+ error (g, _("size of %s unreasonable (%" PRIi64 " bytes)"),
+ software_path, size);
+ goto out;
+ }
+
if (mkdtemp (dir) == NULL) {
perrorf (g, "mkdtemp");
goto out;
long ret;
int r = xstrtol (str, NULL, 10, &ret, "");
if (r != LONGINT_OK) {
- error (g, "could not parse integer in version number: %s", str);
+ error (g, _("could not parse integer in version number: %s"), str);
return -1;
}
return ret;