inspect: Check /etc/lsb-release is not too large before calling head on it.

author Richard W.M. Jones <rjones@redhat.com>

Tue, 16 Nov 2010 12:45:50 +0000 (12:45 +0000)

committer Richard W.M. Jones <rjones@redhat.com>

Tue, 16 Nov 2010 12:58:44 +0000 (12:58 +0000)
author Richard W.M. Jones <rjones@redhat.com>
Tue, 16 Nov 2010 12:45:50 +0000 (12:45 +0000)
committer Richard W.M. Jones <rjones@redhat.com>
Tue, 16 Nov 2010 12:58:44 +0000 (12:58 +0000)
diff --git a/src/inspect.c b/src/inspect.c

index 9c98869..2006bbd 100644 (file)
--- a/src/inspect.c
+++ b/src/inspect.c
@@ -400,11 +400,26 @@ parse_major_minor (guestfs_h *g, struct inspect_fs *fs)
  static int
  parse_lsb_release (guestfs_h *g, struct inspect_fs *fs)
  {
  static int
  parse_lsb_release (guestfs_h *g, struct inspect_fs *fs)
  {
+  const char *filename = "/etc/lsb-release";
+  int64_t size;
    char **lines;
    size_t i;
    int r = 0;
  
    char **lines;
    size_t i;
    int r = 0;
  
-  lines = guestfs_head_n (g, 10, "/etc/lsb-release");
+  /* Don't trust guestfs_head_n not to break with very large files.
+   * Check the file size is something reasonable first.
+   */
+  size = guestfs_filesize (g, filename);
+  if (size == -1)
+    /* guestfs_filesize failed and has already set error in handle */
+    return -1;
+  if (size > 1000000) {
+    error (g, _("size of %s is unreasonably large (%" PRIi64 " bytes)"),
+           filename, size);
+    return -1;
+  }
+
+  lines = guestfs_head_n (g, 10, filename);
    if (lines == NULL)
      return -1;
  
    if (lines == NULL)
      return -1;
author	Richard W.M. Jones <rjones@redhat.com>
	Tue, 16 Nov 2010 12:45:50 +0000 (12:45 +0000)
committer	Richard W.M. Jones <rjones@redhat.com>
	Tue, 16 Nov 2010 12:58:44 +0000 (12:58 +0000)