diff options
| author | Richard W.M. Jones <rjones@redhat.com> | 2010-11-16 12:45:50 +0000 |
|---|---|---|
| committer | Richard W.M. Jones <rjones@redhat.com> | 2010-11-16 12:58:44 +0000 |
| commit | 35afe0cb33c986bf595585a716ff259cf3415a1f (patch) | |
| tree | c4c67bd313ffe044b3b4b6de64e6096acd9dc215 | |
| parent | a4448956e9a815aff59cac3d98caf80f620fc4c4 (diff) | |
| download | libguestfs-35afe0cb33c986bf595585a716ff259cf3415a1f.tar.gz libguestfs-35afe0cb33c986bf595585a716ff259cf3415a1f.tar.xz libguestfs-35afe0cb33c986bf595585a716ff259cf3415a1f.zip | |
inspect: Check /etc/lsb-release is not too large before calling head on it.
| -rw-r--r-- | src/inspect.c | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/src/inspect.c b/src/inspect.c index 9c988694..2006bbd7 100644 --- a/src/inspect.c +++ b/src/inspect.c @@ -400,11 +400,26 @@ parse_major_minor (guestfs_h *g, struct inspect_fs *fs) static int parse_lsb_release (guestfs_h *g, struct inspect_fs *fs) { + const char *filename = "/etc/lsb-release"; + int64_t size; char **lines; size_t i; int r = 0; - lines = guestfs_head_n (g, 10, "/etc/lsb-release"); + /* Don't trust guestfs_head_n not to break with very large files. + * Check the file size is something reasonable first. + */ + size = guestfs_filesize (g, filename); + if (size == -1) + /* guestfs_filesize failed and has already set error in handle */ + return -1; + if (size > 1000000) { + error (g, _("size of %s is unreasonably large (%" PRIi64 " bytes)"), + filename, size); + return -1; + } + + lines = guestfs_head_n (g, 10, filename); if (lines == NULL) return -1; |