From: Richard W.M. Jones <rjones@redhat.com>
Date: Sat, 13 Nov 2010 14:49:37 +0000 (+0000)
Subject: inspect: Refuse to parse /etc/fstab if it is huge.
X-Git-Tag: 1.7.6~4
X-Git-Url: http://git.annexia.org/?p=libguestfs.git;a=commitdiff_plain;h=692f127447d399db21c2e93026d4d2b0ac1839d1

inspect: Refuse to parse /etc/fstab if it is huge.
---

diff --git a/src/inspect.c b/src/inspect.c
index 3c4c619..d0041c8 100644
--- a/src/inspect.c
+++ b/src/inspect.c
@@ -629,6 +629,14 @@ static int
 check_fstab (guestfs_h *g, struct inspect_fs *fs)
 {
   int r;
+  int64_t size;
+
+  /* Security: Refuse to do this if /etc/fstab is huge. */
+  size = guestfs_filesize (g, "/etc/fstab");
+  if (size == -1 || size > 100000) {
+    error (g, _("size of /etc/fstab unreasonable (%" PRIi64 " bytes)"), size);
+    return -1;
+  }
 
   /* XXX What if !feature_available (g, "augeas")? */
   if (guestfs_aug_init (g, "/", 16|32) == -1)